CVE-2025-7976
BaseFortify
Publication date: 2025-09-02
Last updated on: 2025-09-24
Assigner: Zero Day Initiative
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| anritsu | shockline | to 2025.4.2 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-502 | The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7976 is a remote code execution vulnerability in Anritsu ShockLine products caused by improper validation of user-supplied data during the parsing of CHX files. This flaw allows an attacker to deserialize untrusted data, which can lead to execution of arbitrary code within the context of the current process. Exploitation requires user interaction, such as visiting a malicious webpage or opening a malicious file. [1]
How can this vulnerability impact me? :
This vulnerability can allow an attacker to execute arbitrary code on affected systems, potentially leading to full compromise of the application or system running Anritsu ShockLine. This can result in unauthorized access, data theft, data corruption, or disruption of service. [1]