CVE-2025-41652

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions The product name cannot be determined.

Description The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism. An unauthenticated remote attacker could exploit this weakness by performing brute-force attacks to guess valid credentials or by using MD5 collision techniques to forge authentication hashes, potentially compromising the device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-656CWE-328

Related Identifiers

CVE-2025-41652

Affected Products

Ie-Sw-Pl10M-3Gt-7Tx

Ie-Sw-Pl10Mt-3Gt-7Tx

Ie-Sw-Pl16M-16Tx

Ie-Sw-Pl16Mt-16Tx

Ie-Sw-Pl18M-2Gc-16Tx

Ie-Sw-Pl18Mt-2Gc-16Tx

Ie-Sw-Vl05M-5Tx

Ie-Sw-Vl05Mt-5Tx

Ie-Sw-Vl08Mt-5Tx-1Sc-2Scs

Ie-Sw-Vl08Mt-6Tx-2Sc

Ie-Sw-Vl08Mt-6Tx-2Scs

Ie-Sw-Vl08Mt-6Tx-2St

Ie-Sw-Vl08Mt-8Tx

CVE-2025-41652

Weakness Enumeration

Related Identifiers

Affected Products

References · 11