CVE-2025-3495 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID an…
Critical CVSS: 9.8

CVE-2025-3495

Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code.
Vendor
-
Product
-
CWE
CWE-338
Yayın Tarihi
2025-04-16 03:15:17
Güncelleme
2025-04-16 13:25:37
Source Identifier
759f5e80-c8e1-4224-bead-956d7b33c98b
KEV Date Added
-

Kategoriler

CWE-338 CRITICAL 2025

Referanslar

https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00005_COMMGR%20-%20Insufficient%20Randomization%20Authentication%20Bypass_v1.pdf https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-07