CVE-2025-27255

High CVSS: 8.0

Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege Escalation. The local user database is encrypted using an hardcoded password retrievable by an attacker analyzing the application code.

Vendor

Product

CWE

CWE-798

Yayın Tarihi

2025-03-10 09:15:11

Güncelleme

2025-03-12 12:15:14

Source Identifier

prodsec@nozominetworks.com

KEV Date Added

Kategoriler

CWE-798 HIGH 2025

Referanslar

https://www.gevernova.com/grid-solutions/app/DownloadFile.aspx?prod=urfamily&type=21&file=76 https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-27255