CVE-2025-47416

Name of the Vulnerable Software and Affected Versions: TSW-760 versions prior to 3.001.0031.001 TSW-1060 versions prior to 3.001.0031.001

Description: A vulnerability exists in the ConsoleFindCommandMatchList function within libsymproc.so imported by ctpd that may allow an attacker to execute an attacker-defined file due to prioritization within the ConsoleFindCommandMatchList. The ConsoleFindCommandMatchList enumerates the /dev/shm/symproc/c directory in alphabetical order to identify console commands, inferring permission levels from integer values in the file names.

Recommendations: Update TSW-760 to version 3.001.0031.001 or later. Update TSW-1060 to version 3.001.0031.001 or later.