CVE-2025-27253 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A CWE-15 "External Control of System or Configuration Setting" in GE Vernova UR IED family devices from version 7.0 up to 8.60 allows an attacker to provide inp…
Medium CVSS: 6.1

CVE-2025-27253

A CWE-15 "External Control of System or Configuration Setting" in GE Vernova UR IED family devices from version 7.0 up to 8.60 allows an attacker to provide input that establishes a TCP connection through a port forwarding. The lack of the IP address and port validation may allow the attacker to bypass firewall rules or to send malicious traffic in the network.
Vendor
-
Product
-
CWE
CWE-15
Yayın Tarihi
2025-03-10 09:15:10
Güncelleme
2025-10-07 15:16:02
Source Identifier
prodsec@nozominetworks.com
KEV Date Added
-

Kategoriler

CWE-15 MEDIUM 2025

Referanslar

https://www.gevernova.com/grid-solutions/app/DownloadFile.aspx?prod=urfamily&type=21&file=76 https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-27253