CVE-2025-53520
The affected product allows firmware updates to be downloaded from EG4's
website, transferred via USB dongles, or installed through EG4's
Monitoring Center (remote, cloud-connected interface) or via a serial
connection, and can install these files without integrity checks. The
TTComp archive format used for the firmware is unencrypted and can be
unpacked and altered without detection.
website, transferred via USB dongles, or installed through EG4's
Monitoring Center (remote, cloud-connected interface) or via a serial
connection, and can install these files without integrity checks. The
TTComp archive format used for the firmware is unencrypted and can be
unpacked and altered without detection.
Vendor
-
Product
-
CWE
Yayın Tarihi
2025-08-08 17:15:29
Güncelleme
2025-08-08 20:30:18
Source Identifier
ics-cert@hq.dhs.gov
KEV Date Added
-