CVE-2025-15017

Name of the Vulnerable Software and Affected Versions serial device servers (affected versions not specified)

Description A flaw exists in serial device servers where active debug code is enabled in the UART interface. An attacker with physical access can connect to the UART interface and gain unauthorized access to internal debug functionality without authentication or user interaction. This allows an attacker to execute privileged operations and access sensitive system resources, impacting the confidentiality, integrity, and availability of the device. There is no identified security impact to external or dependent systems. Exploitation is considered low complexity.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.