CVE-2025-9999

Summary

Some payload elements of the messages sent between two stations in a networking architecture are not properly checked on the receiving station allowing an attacker to execute unauthorized commands in the application.

Affected Software

VendorProductVersion RangeStatus
arcinfoPcVue16.0.0 <= 16.3.3affected
arcinfoPcVue15.0.0 <= 15.2.12affected
arcinfoPcVue12.0.0 <= 12.0.31affected

Weaknesses

  • CWE-940: CWE-940 Improper Verification of Source of a Communication Channel
  • CWE-1288: CWE-1288 Improper Validation of Consistency within Input

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References