CVE-2025-25051
Awaiting Analysis Awaiting Analysis - Queue

BaseFortify

Vulnerability report for CVE-2025-25051, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-01-22

Last updated on: 2026-01-26

Assigner: ICS-CERT

Description

An attacker could decrypt sensitive data, impersonate legitimate users or devices, and potentially gain access to network resources for lateral attacks.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-01-22
Last Modified
2026-01-26
Generated
2026-07-06
AI Q&A
2026-01-23
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Currently, no data is known.

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-256 The product stores a password in plaintext within resources such as memory or files.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability allows an attacker to decrypt sensitive data, impersonate legitimate users or devices, and potentially gain access to network resources to perform lateral attacks.

Impact Analysis

The impact includes unauthorized decryption of sensitive data, impersonation of legitimate users or devices, and unauthorized access to network resources, which can lead to further attacks within the network.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-25051. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart