CVE-2025-52919
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-06-21

Last updated on: 2025-07-10

Assigner: MITRE

Description
In Yealink RPS before 2025-05-26, the certificate upload function does not properly validate certificate content, potentially allowing invalid certificates to be uploaded.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-06-21
Last Modified
2025-07-10
Generated
2026-05-07
AI Q&A
2025-06-22
EPSS Evaluated
2026-05-05
NVD
CVE-2025-52919
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-295 The product does not validate, or incorrectly validates, a certificate.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in Yealink YMCS RPS versions before 2025-05-26, where the certificate upload function does not properly validate the content of certificates. This means that invalid or potentially malicious certificates could be uploaded to the system.


How can this vulnerability impact me? :

The impact of this vulnerability is limited to the integrity of the certificate upload process. An attacker with privileges to upload certificates could upload invalid certificates, potentially leading to improper system behavior or security issues related to certificate handling. However, it does not directly affect confidentiality or availability.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart