PT-2025-53392 · Pexip · Pexip Infinity
Published
2025-12-25
·
Updated
2025-12-25
·
CVE-2025-66377
CVSS v3.1
7.5
High
| Vector | AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Pexip Infinity versions prior to 39.0
Description
A critical function within a product-internal API lacks proper authentication. An attacker who has already gained the ability to execute code on one node within a Pexip Infinity installation can potentially impact the operation of other nodes within the installation.
Recommendations
Update to version 39.0 or later.
Fix
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pexip Infinity