CVE-2025-34515 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an execution with unnecessary privileges vulnerability in sync_project.sh that allows an attacker…
Critical CVSS: 9.3

CVE-2025-34515

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an execution with unnecessary privileges vulnerability in sync_project.sh that allows an attacker to escalate privileges to root. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to the internet.
Vendor
Ilevia
Product
Eve X1 Server Firmware
CWE
CWE-250
Yayın Tarihi
2025-10-16 18:15:35
Güncelleme
2025-11-06 19:15:41
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-250 Eve X1 Server Firmware CRITICAL Ilevia 2025

Referanslar

https://www.ilevia.com/ https://www.vulncheck.com/advisories/ilevia-eve-x1-server-root-priv-esc https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5965.php