PT-2025-39394 · Ericsson · Ericsson Indoor Connect 8855
Telstra
·
Published
2025-09-25
·
Updated
2025-09-30
·
CVE-2025-27262
CVSS v4.0
8.5
High
| Vector | AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Ericsson Indoor Connect 8855 (affected versions not specified)
Description
The software contains a command injection issue that, if exploited, could result in a loss of data integrity and confidentiality. This could lead to the unauthorized disclosure and modification of user and configuration data. It may also be possible to execute commands with escalated privileges, impacting service availability and allowing modification of system files and configuration data.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ericsson Indoor Connect 8855