GHSA-3w9v-5hv6-vvfx

Опубликовано: 05 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 8.7

CVSS3: 7.5

Описание

Advantech iView versions 5.7.05.7057 and prior do not properly sanitize SNMP v1 trap (Port 162) requests, which could allow an attacker to inject SQL commands.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2025-13373
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-338-07.json
https://www.advantech.com/zh-tw/support/details/firmware?id=1-HIPU-183
https://www.cisa.gov/news-events/ics-advisories/icsa-25-338-07

EPSS

Процентиль: 13%

0.00044

Низкий

8.7 High

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2025-13373

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-13373

CVSS3: 7.5

nvd

2 месяца назад

Advantech iView versions 5.7.05.7057 and prior do not properly sanitize SNMP v1 trap (Port 162) requests, which could allow an attacker to inject SQL commands.

EPSS

Процентиль: 13%

0.00044

Низкий

8.7 High

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2025-13373

Дефекты

CWE-89