CVE-2025-0680

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 30, 2025

CWE ID 78

Summary

CVE-2025-0680 is a newly disclosed vulnerability that poses a serious threat to devices with affected cloud rpc command handling processes. Attackers can exploit this weakness to gain unauthorized control over arbitrary connected devices in the cloud. This issue can lead to severe consequences, including data breaches and unauthorized system access. The vulnerability exists due to insufficient input validation in the cloud rpc command handling, enabling remote code execution. Organizations using the affected products are strongly advised to apply the necessary patches as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2umRt_
https://www.cve.org/CVERecord?id=CVE-2025-0680
https://nvd.nist.gov/vuln/detail/CVE-2025-0680

Back to Vulnerability Database

CVE-2025-0680

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations