CVE-2025-41452
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-22
Last updated on: 2025-08-22
Assigner: Danfoss
Description
Description
Post-authenticated external control of system web interface configuration setting vulnerability in Danfoss AK-SM8xxA Series prior to 4.3.1, which could allow for a denial of service attack induced by improper handling of exceptional conditions
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| danfoss | ak-sm_800a | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-15 | One or more system settings or configuration elements can be externally controlled by a user. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a post-authenticated external control issue in the web interface configuration settings of Danfoss AK-SM8xxA Series devices prior to version 4.3.1. It allows an attacker with certain privileges to cause a denial of service by exploiting improper handling of exceptional conditions in the system.
How can this vulnerability impact me? :
The vulnerability can lead to a denial of service attack, which means the affected system or device could become unavailable or unresponsive, potentially disrupting normal operations.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70