CVE-2025-3495

9.8CRITICAL

Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code.

Published: 4/16/2025Updated: 4/16/2025
View on NVDView on MITRE

Description

Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code.

AI AnalysisPowered by AI

References