ГлавнаяУязвимости → CVE-2025-54807
9.8критическая

CVE-2025-54807

Описание

The secret used for validating authentication tokens is hardcoded in device firmware for affected versions. An attacker who obtains the signing key can bypass authentication, gaining complete access to the system.

CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-261-07.jsonhttps://www.cisa.gov/news-events/ics-advisories/icsa-25-261-07https://www.doverfuelingsolutions.com/mea/en/products-and-solutions/automatic-tank-gauging/consoles/progauge-maglink-lx-4-console.html