PT-2025-32369 · Eg4 · Eg4

Anthony Rose · Published 2025-08-08 · Updated 2025-08-13 · CVE-2025-53520

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

EG4 (affected versions not specified)

Description

The affected product allows firmware updates to be downloaded from EG4’s website, transferred via USB dongles, or installed through EG4’s Monitoring Center (remote, cloud-connected interface) or via a serial connection. These files are installed without integrity checks. The TTComp archive format used for the firmware is unencrypted and can be unpacked and altered without detection.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

CVE-2025-53520

Affected Products

Eg4