CVE-2025-47872
The public-facing product registration endpoint server responds
differently depending on whether the S/N is valid and unregistered,
valid but already registered, or does not exist in the database.
Combined with the fact that serial numbers are sequentially assigned,
this allows an attacker to gain information on the product registration
status of different S/Ns.
differently depending on whether the S/N is valid and unregistered,
valid but already registered, or does not exist in the database.
Combined with the fact that serial numbers are sequentially assigned,
this allows an attacker to gain information on the product registration
status of different S/Ns.
Vendor
-
Product
-
CWE
Yayın Tarihi
2025-08-08 17:15:28
Güncelleme
2025-08-08 20:30:18
Source Identifier
ics-cert@hq.dhs.gov
KEV Date Added
-