{"vulnerability": "CVE-2025-1960", "sightings": [{"uuid": "f3ce3f43-df8b-45f9-a657-d8572533d619", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1960", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lk6zie2nfz2o", "content": "", "creation_timestamp": "2025-03-12T16:40:24.298404Z"}, {"uuid": "bb7c8449-b96e-46b8-9b2b-5c61c10c2f6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1960", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114150716796310485", "content": "", "creation_timestamp": "2025-03-12T17:48:29.735448Z"}, {"uuid": "bab836f8-5def-4d33-a72e-c63639068a5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1960", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lm2tdoy6gq2y", "content": "", "creation_timestamp": "2025-04-05T11:30:14.249213Z"}, {"uuid": "35417daf-b5e7-42b8-b63a-eb0a2079055b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1960", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/1052", "content": "\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0645\u0624\u0644\u0641\u0647 WebHMI \u0633\u06cc\u0633\u062a\u0645 SCADA \u0631\u0627\u0628\u0637 \u06a9\u0627\u0631\u0628\u0631\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0628\u0631\u0642 EcoStruxure (EcoSUI) \u0648 \u0633\u06cc\u0633\u062a\u0645 \u0628\u0647\u06cc\u0646\u0647\u200c\u0633\u0627\u0632\u06cc \u0645\u0646\u0628\u0639 \u0627\u0646\u0631\u0698\u06cc \u062a\u0648\u0632\u06cc\u0639\u200c\u0634\u062f\u0647 EcoStruxure Microgrid Operation Large (EMO-L) \u0628\u0647 \u0645\u0642\u062f\u0627\u0631\u062f\u0647\u06cc \u0627\u0648\u0644\u06cc\u0647 \u0645\u0646\u0627\u0628\u0639 \u0646\u0627\u0627\u0645\u0646 \u0645\u0631\u0628\u0648\u0637 \u0645\u06cc\u200c\u0634\u0648\u062f. \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u06cc \u06a9\u0647 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0639\u0645\u0644 \u0645\u06cc\u200c\u06a9\u0646\u062f \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u0628\u0647 \u062f\u0633\u062a\u06af\u0627\u0647 \u0631\u0627 \u0628\u062f\u0647\u062f.\n\nBD U:2025-02540\nCVE-2025-1960\n\n\u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0647 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627.\n- \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0627\u0631\u062c\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a)\u061b\n- \u062a\u0642\u0633\u06cc\u0645 \u0628\u0646\u062f\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc SIEM \u0628\u0631\u0627\u06cc \u0631\u062f\u06cc\u0627\u0628\u06cc \u062a\u0644\u0627\u0634 \u0647\u0627 \u0628\u0631\u0627\u06cc \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN).\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627:\nhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-070-03&amp;p_enDocType=Security+and+Safety+Notice&amp;p_File_Name=SEVD-2025-070-03.pdf\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33", "creation_timestamp": "2025-03-24T16:59:36.000000Z"}, {"uuid": "4bc32cac-078c-4228-b522-45bf9b8aa03b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1960", "type": "seen", "source": "https://t.me/CyberBulletin/2666", "content": "\u26a1CVE-2025-1960 (CVSS 9.8): Schneider Electric Addresses Critical Flaw in WebHMI Component.\n\n#CyberBulletin", "creation_timestamp": "2025-03-17T12:42:54.000000Z"}, {"uuid": "8657cea6-8e36-455f-b55f-bce041639411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1960", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-077-03", "content": "", "creation_timestamp": "2025-03-18T11:00:00.000000Z"}, {"uuid": "89d30ee3-a036-4adb-b70f-2f11ecdac04a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1960", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7320", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1960\n\ud83d\udd25 CVSS Score: 9.2 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an\nattacker to execute unauthorized commands when a system\u2019s default password credentials have not been\nchanged on first use. The default username is not displayed correctly in the WebHMI interface.\n\ud83d\udccf Published: 2025-03-12T15:33:59.173Z\n\ud83d\udccf Modified: 2025-03-12T15:33:59.173Z\n\ud83d\udd17 References:\n1. https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-070-03&amp;p_enDocType=Security+and+Safety+Notice&amp;p_File_Name=SEVD-2025-070-03.pdf", "creation_timestamp": "2025-03-12T15:40:49.000000Z"}]}