CVE-2025-0224

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jan 5, 2025
CWE ID 284
CWE ID 200

Summary

CVE-2025-0224 is a newly disclosed vulnerability that affects Provision-ISR SH-4050A-2, SH-4100A-2L(MM), SH-8100A-2L(MM), SH-16200A-2(1U), SH-16200A-5(1U), and NVR5-8200PX devices up to version 20241220. This issue, which remains undisclosed in terms of the specific functionality involved, results in information disclosure. The exploit can be executed remotely, increasing the severity of the vulnerability. The attack code has been made public, raising concerns about potential widespread exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share