PT-2025-54287 · Unknown · Serial Device Servers

CVE-2025-15017

·

Publicado

2025-12-31

·

Atualizado

2025-12-31

CVSS v2.0

7.2

Alta

VetorAV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions serial device servers (affected versions not specified)
Description A flaw exists in serial device servers where active debug code is enabled in the UART interface. An attacker with physical access can connect to the UART interface and gain unauthorized access to internal debug functionality without authentication or user interaction. This allows an attacker to execute privileged operations and access sensitive system resources, impacting the confidentiality, integrity, and availability of the device. There is no identified security impact to external or dependent systems. Exploitation is considered low complexity.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

BDU:2026-00359
CVE-2025-15017

Produtos afetados

Serial Device Servers