CVE-2025-0674 (GCVE-0-2025-0674)
Vulnerability from cvelistv5
Published
2025-02-06 23:42
Modified
2025-02-12 19:41
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CWE
Summary
Multiple Elber products are affected by an authentication bypass vulnerability which allows unauthorized access to the password management functionality. Attackers can exploit this issue by manipulating the endpoint to overwrite any user's password within the system. This grants them unauthorized administrative access to protected areas of the application, compromising the device's system security.
References
Impacted products
Vendor Product Version
Elber Signum DVB-S/S2 IRD Version: 0   <
Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0674",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T15:16:22.044171Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T19:41:07.823Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Signum DVB-S/S2 IRD",
          "vendor": "Elber",
          "versions": [
            {
              "lessThanOrEqual": "1.999",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cleber/3 Broadcast Multi-Purpose Platform",
          "vendor": "Elber",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Reble610 M/ODU XPIC IP-ASI-SDH",
          "vendor": "Elber",
          "versions": [
            {
              "status": "affected",
              "version": "0.01"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ESE DVB-S/S2 Satellite Receiver",
          "vendor": "Elber",
          "versions": [
            {
              "lessThanOrEqual": "1.5.179",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Wayber Analog/Digital Audio STL",
          "vendor": "Elber",
          "versions": [
            {
              "status": "affected",
              "version": "4"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Gjoko Krstic of Zero Science Lab reported these vulnerabilities to CISA."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Multiple Elber products are affected by an authentication bypass \nvulnerability which allows unauthorized access to the password \nmanagement functionality. Attackers can exploit this issue by \nmanipulating the endpoint to overwrite any user\u0027s password within the \nsystem. This grants them unauthorized administrative access to protected\n areas of the application, compromising the device\u0027s system security."
            }
          ],
          "value": "Multiple Elber products are affected by an authentication bypass \nvulnerability which allows unauthorized access to the password \nmanagement functionality. Attackers can exploit this issue by \nmanipulating the endpoint to overwrite any user\u0027s password within the \nsystem. This grants them unauthorized administrative access to protected\n areas of the application, compromising the device\u0027s system security."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "CWE-288",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-06T23:42:33.517Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-03"
        }
      ],
      "source": {
        "advisory": "ICSA-25-035-03",
        "discovery": "EXTERNAL"
      },
      "title": "Elber Communications Equipment Authentication Bypass Using an Alternate Path or Channel",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Elber does not plan to mitigate these vulnerabilities because this \nequipment is either end of life or almost end of life. Users of affected\n versions of Elber Signum DVB-S/S2 IRD, Cleber/3 Broadcast Multi-Purpose\n Platform, Reble610 M/ODU XPIC IP-ASI-SDH, ESE DVB-S/S2 Satellite \nReceiver, and Wayber Analog/Digital Audio STL are invited to contact \nElber \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://elber.it/en/elber-contacts.php\"\u003ecustomer support\u003c/a\u003e for additional information.\n\n\u003cbr\u003e"
            }
          ],
          "value": "Elber does not plan to mitigate these vulnerabilities because this \nequipment is either end of life or almost end of life. Users of affected\n versions of Elber Signum DVB-S/S2 IRD, Cleber/3 Broadcast Multi-Purpose\n Platform, Reble610 M/ODU XPIC IP-ASI-SDH, ESE DVB-S/S2 Satellite \nReceiver, and Wayber Analog/Digital Audio STL are invited to contact \nElber  customer support https://elber.it/en/elber-contacts.php  for additional information."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2025-0674",
    "datePublished": "2025-02-06T23:42:33.517Z",
    "dateReserved": "2025-01-23T15:00:24.797Z",
    "dateUpdated": "2025-02-12T19:41:07.823Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-0674\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2025-02-07T00:15:27.017\",\"lastModified\":\"2025-02-07T00:15:27.017\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple Elber products are affected by an authentication bypass \\nvulnerability which allows unauthorized access to the password \\nmanagement functionality. Attackers can exploit this issue by \\nmanipulating the endpoint to overwrite any user\u0027s password within the \\nsystem. This grants them unauthorized administrative access to protected\\n areas of the application, compromising the device\u0027s system security.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnerableSystemConfidentiality\":\"HIGH\",\"vulnerableSystemIntegrity\":\"HIGH\",\"vulnerableSystemAvailability\":\"HIGH\",\"subsequentSystemConfidentiality\":\"NONE\",\"subsequentSystemIntegrity\":\"NONE\",\"subsequentSystemAvailability\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirements\":\"NOT_DEFINED\",\"integrityRequirements\":\"NOT_DEFINED\",\"availabilityRequirements\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnerableSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedVulnerableSystemIntegrity\":\"NOT_DEFINED\",\"modifiedVulnerableSystemAvailability\":\"NOT_DEFINED\",\"modifiedSubsequentSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedSubsequentSystemIntegrity\":\"NOT_DEFINED\",\"modifiedSubsequentSystemAvailability\":\"NOT_DEFINED\",\"safety\":\"NOT_DEFINED\",\"automatable\":\"NOT_DEFINED\",\"recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-288\"}]}],\"references\":[{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-03\",\"source\":\"ics-cert@hq.dhs.gov\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-0674\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-07T15:16:22.044171Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-12T19:40:36.172Z\"}}], \"cna\": {\"title\": \"Elber Communications Equipment Authentication Bypass Using an Alternate Path or Channel\", \"source\": {\"advisory\": \"ICSA-25-035-03\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Gjoko Krstic of Zero Science Lab reported these vulnerabilities to CISA.\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 9.3, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Elber\", \"product\": \"Signum DVB-S/S2 IRD\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.999\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Elber\", \"product\": \"Cleber/3 Broadcast Multi-Purpose Platform\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Elber\", \"product\": \"Reble610 M/ODU XPIC IP-ASI-SDH\", \"versions\": [{\"status\": \"affected\", \"version\": \"0.01\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Elber\", \"product\": \"ESE DVB-S/S2 Satellite Receiver\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.5.179\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Elber\", \"product\": \"Wayber Analog/Digital Audio STL\", \"versions\": [{\"status\": \"affected\", \"version\": \"4\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-03\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Elber does not plan to mitigate these vulnerabilities because this \\nequipment is either end of life or almost end of life. Users of affected\\n versions of Elber Signum DVB-S/S2 IRD, Cleber/3 Broadcast Multi-Purpose\\n Platform, Reble610 M/ODU XPIC IP-ASI-SDH, ESE DVB-S/S2 Satellite \\nReceiver, and Wayber Analog/Digital Audio STL are invited to contact \\nElber  customer support https://elber.it/en/elber-contacts.php  for additional information.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Elber does not plan to mitigate these vulnerabilities because this \\nequipment is either end of life or almost end of life. Users of affected\\n versions of Elber Signum DVB-S/S2 IRD, Cleber/3 Broadcast Multi-Purpose\\n Platform, Reble610 M/ODU XPIC IP-ASI-SDH, ESE DVB-S/S2 Satellite \\nReceiver, and Wayber Analog/Digital Audio STL are invited to contact \\nElber \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://elber.it/en/elber-contacts.php\\\"\u003ecustomer support\u003c/a\u003e for additional information.\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Multiple Elber products are affected by an authentication bypass \\nvulnerability which allows unauthorized access to the password \\nmanagement functionality. Attackers can exploit this issue by \\nmanipulating the endpoint to overwrite any user\u0027s password within the \\nsystem. This grants them unauthorized administrative access to protected\\n areas of the application, compromising the device\u0027s system security.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Multiple Elber products are affected by an authentication bypass \\nvulnerability which allows unauthorized access to the password \\nmanagement functionality. Attackers can exploit this issue by \\nmanipulating the endpoint to overwrite any user\u0027s password within the \\nsystem. This grants them unauthorized administrative access to protected\\n areas of the application, compromising the device\u0027s system security.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-288\", \"description\": \"CWE-288\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2025-02-06T23:42:33.517Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-0674\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-12T19:41:07.823Z\", \"dateReserved\": \"2025-01-23T15:00:24.797Z\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"datePublished\": \"2025-02-06T23:42:33.517Z\", \"assignerShortName\": \"icscert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.