CVE-2025-8393
A TLS vulnerability exists in the phone application used to manage a
connected device. The phone application accepts self-signed certificates
when establishing TLS communication which may result in
man-in-the-middle attacks on untrusted networks. Captured communications
may include user credentials and sensitive session tokens.
connected device. The phone application accepts self-signed certificates
when establishing TLS communication which may result in
man-in-the-middle attacks on untrusted networks. Captured communications
may include user credentials and sensitive session tokens.
Vendor
-
Product
-
CWE
Yayın Tarihi
2025-08-08 17:15:30
Güncelleme
2025-08-08 20:30:18
Source Identifier
ics-cert@hq.dhs.gov
KEV Date Added
-