CVE-2025-5087

Medium CVSS: 6.0

Kaleris NAVIS N4 ULC (Ultra Light Client) communicates insecurely using zlib-compressed data over HTTP. An attacker capable of observing network traffic between Ultra Light Clients and N4 servers can extract sensitive information, including plaintext credentials.

Vendor

Product

CWE

CWE-319

Yayın Tarihi

2025-06-24 19:15:23

Güncelleme

2025-06-26 18:58:14

Source Identifier

ics-cert@hq.dhs.gov

KEV Date Added

Kategoriler

CWE-319 MEDIUM 2025

Referanslar

https://www.cisa.gov/news-events/ics-advisories/icsa-25-175-01