CVE-2025-8473

Name of the Vulnerable Software and Affected Versions Alpine iLX-507 (affected versions not specified)

Description This issue allows physically present attackers to execute arbitrary code on affected installations. Authentication is not required for exploitation. The flaw resides within the UPDM wstpCBCUpdStart function due to insufficient validation of user-supplied data before executing a system call, enabling an attacker to execute code with root privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.