PT-2022-1804 · Ptc · Axeda Desktop Server For Windows+1

Published 2022-03-07 · Updated 2022-03-28 · CVE-2022-25251

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Axeda agent (All versions)
Axeda Desktop Server for Windows (All versions)

Description

The issue allows an attacker to send certain XML messages to a specific port without proper authentication, potentially enabling a remote unauthenticated attacker to read and modify the affected product's configuration.

Recommendations

For Axeda agent (All versions), consider restricting access to the specific port that allows XML messages to be sent without proper authentication until a fix is available.

For Axeda Desktop Server for Windows (All versions), as a temporary workaround, consider disabling the ability to send XML messages to the specific port until a patch is available.

Avoid using the affected products until the issue is resolved, as there is no information about a newer version that contains a fix for this issue.

Fix

Missing Authentication


Weakness Enumeration

Related Identifiers

BDU:2022-01215
CVE-2022-25251

Affected Products

Axeda Desktop Server For Windows
Axeda Agent