CVE-2025-49852

High CVSS: 8.7

ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to a server-side request forgery vulnerability which could allow an unauthenticated attacker to retrieve information from other servers.

Vendor

Assaabloy

Product

Control Id Idsecure

CWE

CWE-918

Yayın Tarihi

2025-06-24 20:15:25

Güncelleme

2025-07-02 16:33:10

Source Identifier

ics-cert@hq.dhs.gov

KEV Date Added

Kategoriler

CWE-918 Control Id Idsecure HIGH Assaabloy 2025

Referanslar

https://www.cisa.gov/news-events/ics-advisories/icsa-25-175-05

Benzer Kayıtlar

High

CVE-2025-49851

ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to an improper authentication vulnerability wh…

Critical

CVE-2025-49853

ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to SQL injections which could allow an attacke…

Medium

CVE-2025-2125

A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects u…