CVE-2025-3495

9.8CRITICAL

Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code.

Veröffentlicht: 4/16/2025Aktualisiert: 4/16/2025
Auf NVD ansehenAuf MITRE ansehen

Beschreibung

Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code.

KI-AnalyseKI-gestützt

Referenzen