CVE-2025-0219
CVSS 2.0 Score 3.3 of 10 (low)
Details
Published Jan 5, 2025
CWE ID 94
CWE ID 79
Summary
CVE-2025-0219 is a recently disclosed vulnerability affecting the Trimble SPS851 488.01 software. The issue lies within the Receiver Status Identity Tab's unknown functionality and arises from the manipulation of the System Name argument. This vulnerability allows an attacker to execute cross-site scripting code remotely. As of now, the exploit is public, and the vendor, Trimble, has not responded to disclosure notifications. Users are advised to apply patches or workarounds as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Trimble Inc.