CVE-2025-59200

FAQ

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click a specially crafted button for the attacker to successfully exploit the vulnerability.

According to the CVSS metric, successful exploitation could lead to some loss of availability and confidentiality and a total loss of integrity. What does that mean for the vulnerability?

Successful exploitation of this vulnerability enables an attacker to access data and disrupt services at a medium integrity level, resulting in some loss of confidentiality and availability. However, because the attacker can execute arbitrary code at that level, the vulnerability poses a total loss of integrity, allowing for potentially significant data manipulation.

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities.