CVE-2025-29270
BaseFortify
Publication date: 2025-10-31
Last updated on: 2025-11-04
Assigner: MITRE
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| deep_sea_electronics | dse855 | 1.1.0 |
| deep_sea_electronics | dse855 | 1.0.26 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-29270 is an authentication bypass vulnerability in the DSE855 Communications Device by Deep Sea Electronics. The device has an exposed endpoint, /realtime.cgi, which leaks sensitive information including session identifiers (SIDs), user IDs, user roles, and network status without requiring authentication. Attackers can retrieve the SID from this endpoint, inject it into their browser cookies, and then access the administrative interface at /secure/index.html without proper authentication, gaining full control over the device. [1]
How can this vulnerability impact me?
This vulnerability allows attackers to gain unauthorized administrative access to the DSE855 device, enabling them to fully control the device remotely. Since the device is used for remote monitoring and control of power generation and other critical systems, exploitation could lead to unauthorized changes, disruption of operations, or compromise of the managed systems, potentially causing significant operational and security impacts. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by attempting to access the `/realtime.cgi` endpoint on the DSE855 device to see if it discloses sensitive information such as session identifiers (SID), user IDs, and user roles without authentication. For example, using a command like `curl http://<device-ip>/realtime.cgi` can reveal if the endpoint is exposed. If the response contains session identifiers or sensitive device status information without requiring authentication, the device is vulnerable. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting network access to the DSE855 device's web interface, especially the `/realtime.cgi` and `/secure/index.html` endpoints, by implementing firewall rules or network segmentation to limit access only to trusted users. Additionally, monitor and audit access logs for suspicious activity. If possible, update the device firmware to a version that addresses this vulnerability once available from the vendor. Until a patch is applied, avoid exposing the device's management interface to untrusted networks. [1]
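One way to carry out the access-log audit suggested above, as an added example that is not from the vendor or the advisory: it flags clients outside a trusted set that fetch `/realtime.cgi` and then load a page under `/secure/` shortly afterwards. The log source (a reverse proxy or web-aware sensor writing Common Log Format), the sample lines, the 10-minute window and the function names are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines in Common Log Format (assumed log source; the page
# does not describe the device's own logging).
SAMPLE_LOG = """\
10.0.5.20 - - [04/Nov/2025:09:00:01 +0000] "GET /realtime.cgi HTTP/1.1" 200 512
10.0.5.20 - - [04/Nov/2025:09:00:09 +0000] "GET /secure/index.html HTTP/1.1" 200 4096
192.0.2.10 - - [04/Nov/2025:09:05:00 +0000] "GET /secure/index.html HTTP/1.1" 200 4096
198.51.100.7 - - [04/Nov/2025:10:00:00 +0000] "GET /realtime.cgi HTTP/1.1" 200 512
198.51.100.7 - - [04/Nov/2025:11:30:00 +0000] "GET /secure/index.html HTTP/1.1" 302 0
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})\b'
)

def parse(line):
    """Return (ip, timestamp, path without query string, status) or None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["path"].split("?", 1)[0], int(m["status"])

def find_suspects(log_text, trusted=frozenset(), window=timedelta(minutes=10)):
    """List (ip, realtime_ts, secure_ts) where an untrusted client read
    /realtime.cgi and then got a 200 from /secure/ within `window`."""
    last_realtime = {}  # ip -> time of most recent successful /realtime.cgi hit
    findings = []
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue  # skip lines that are not in the expected format
        ip, ts, path, status = rec
        if ip in trusted or status != 200:
            continue
        if path == "/realtime.cgi":
            last_realtime[ip] = ts
        elif path.startswith("/secure/"):
            seen = last_realtime.get(ip)
            if seen is not None and timedelta(0) <= ts - seen <= window:
                findings.append((ip, seen, ts))
    return findings
```

Correlating by source address misses a client that changes address between the two requests, so any request to `/realtime.cgi` from outside the trusted management hosts is worth reviewing on its own.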