CVE-2025-40837

High CVSS: 8.7

Ericsson Indoor Connect 8855 contains a missing authorization vulnerability which if exploited can allow access to the system as a user with higher privileges than intended.

Vendor

Ericsson

Product

Indoor Connect 8855 Firmware

CWE

CWE-862

Yayın Tarihi

2025-09-25 15:16:11

Güncelleme

2025-10-02 17:59:04

Source Identifier

85b1779b-6ecd-4f52-bcc5-73eac4659dcf

KEV Date Added

Kategoriler

CWE-862 Indoor Connect 8855 Firmware HIGH Ericsson 2025

Referanslar

https://www.ericsson.com/en/about-us/security/psirt/e2025-09-25

Benzer Kayıtlar

High

CVE-2025-27260

Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special Elements vulnerability…

Medium

CVE-2025-40841

Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Request Forgery (CSRF) vulnerability which,…

High

CVE-2025-40842

Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Scripting (XSS) vulnerability which, if exp…

Medium

CVE-2025-40843

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.…

Medium

CVE-2025-27258

Ericsson Network Manager (ENM) versions prior to ENM 25.1 GA contain a vulnerability, if exploited, can result in an esc…

Low

CVE-2025-27259

Ericsson Network Manager versions prior to ENM 25.2 GA contain a vulnerability that, if exploited, can exfiltrate limite…