CVE-2025-48463
BaseFortify
Publication date: 2025-06-24
Last updated on: 2025-07-09
Assigner: CSA
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| advantech | wise-4060lan_firmware | * |
| advantech | wise-4060lan | * |
| advantech | wise-4050lan_firmware | * |
| advantech | wise-4050lan | * |
| advantech | wise-4010lan_firmware | * |
| advantech | wise-4010lan | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-312 | The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere. |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately stop using unencrypted HTTP communication for the affected product and switch to encrypted protocols such as HTTPS to prevent data interception and session hijacking.
Can you explain this vulnerability to me?
This vulnerability occurs because the affected product uses unencrypted HTTP communication, which allows an attacker to intercept data being transmitted. By exploiting this, the attacker can hijack sessions and potentially gain unauthorized access or tamper with the data.
How can this vulnerability impact me? :
The impact of this vulnerability includes the risk of unauthorized access to your data or systems due to session hijacking. Additionally, intercepted data could be tampered with, compromising data integrity and confidentiality.