exploitDog

CVE-2025-52578

Опубликовано: 18 нояб. 2025

Источник: nvd

CVSS3: 5.7

EPSS Низкий

Описание

Incorrect Usage of Seeds in Pseudo-Random Number Generator (CWE- 335) vulnerability in the High Sec ELM may allow a sophisticated attacker with physical access, to compromise internal device communications.

This issue affects Command Centre Server:

9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)), all versions of 9.00 and prior.

Ссылки

https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-52578

EPSS

Процентиль: 6%

0.00023

Низкий

5.7 Medium

CVSS3

Дефекты

CWE-335

Связанные уязвимости

GHSA-9567-rh6q-rf53

CVSS3: 5.7

github

3 месяца назад

Incorrect Usage of Seeds in Pseudo-Random Number Generator (CWE- 335) vulnerability in the High Sec ELM may allow a sophisticated attacker with physical access, to compromise internal device communications. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)), all versions of 9.00 and prior.

EPSS

Процентиль: 6%

0.00023

Низкий

5.7 Medium

CVSS3

Дефекты

CWE-335