CVE-2025-5191 (GCVE-0-2025-5191)
Vulnerability from cvelistv5
Published
2025-08-25 08:01
Modified
2025-08-25 13:48
Severity ?
7.3 (High) - CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CWE
  • CWE-428 - Unquoted Search Path or Element
Summary
An Unquoted Search Path vulnerability has been identified in the utility for Moxa’s industrial computers (Windows). Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority directory within the search path. When the Serial Interface service starts, the malicious executable could be run with SYSTEM privileges. Successful exploitation could allow privilege escalation or enable an attacker to maintain persistence on the affected system. While successful exploitation can severely impact the confidentiality, integrity, and availability of the affected device itself, there is no loss of confidentiality, integrity, or availability within any subsequent systems.
References
psirt@moxa.comhttps://www.moxa.com/en/support/product-support/security-advisory/mpsa-256421-cve-2025-5191-unquoted-search-path-vulnerability-in-the-utility-for-industrial-computers-(windows)
Impacted products
Vendor Product Version
Moxa Utility for DRP-A100 Series Version: 1.0   <
Patch: 1.2
 Create a notification for this product.
   Moxa Utility for DRP-A100 Series Version: 1.0   <
Patch: 1.1
 Create a notification for this product.
   Moxa Utility for DRP-C100 Series Version: 1.0   <
Patch: 1.2
 Create a notification for this product.
   Moxa Utility for DRP-C100 Series Version: 1.0   <
Patch: 1.1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5191",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-25T13:48:00.832287Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-25T13:48:09.418Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows 10 IoT Enterprise LTSC 2021"
          ],
          "product": "Utility for DRP-A100 Series",
          "vendor": "Moxa",
          "versions": [
            {
              "lessThanOrEqual": "1.1",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.2",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows 11 IoT Enterprise LTSC 2024",
            "Windows 11 Professional 2022"
          ],
          "product": "Utility for DRP-A100 Series",
          "vendor": "Moxa",
          "versions": [
            {
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows 10 IoT Enterprise LTSC 2021"
          ],
          "product": "Utility for DRP-C100 Series",
          "vendor": "Moxa",
          "versions": [
            {
              "lessThanOrEqual": "1.1",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.2",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows 11 IoT Enterprise LTSC 2024",
            "Windows 11 Professional 2022"
          ],
          "product": "Utility for DRP-C100 Series",
          "vendor": "Moxa",
          "versions": [
            {
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Anni Tuulinen"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn Unquoted Search Path vulnerability has been identified in the utility for Moxa\u2019s industrial computers (Windows). \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to the unquoted path configuration in \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority directory within the search path. When the Serial Interface service starts, the malicious executable could be run with SYSTEM privileges. Successful exploitation could allow privilege escalation or enable an attacker to maintain persistence on the affected system. \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWhile successful exploitation can severely impact the confidentiality, integrity, and availability of the affected device itself, there is no loss of \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003econfidentiality, integrity, or availability within any subsequent systems.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "An Unquoted Search Path vulnerability has been identified in the utility for Moxa\u2019s industrial computers (Windows). Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority directory within the search path. When the Serial Interface service starts, the malicious executable could be run with SYSTEM privileges. Successful exploitation could allow privilege escalation or enable an attacker to maintain persistence on the affected system. While successful exploitation can severely impact the confidentiality, integrity, and availability of the affected device itself, there is no loss of confidentiality, integrity, or availability within any subsequent systems."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233: Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-428",
              "description": "CWE-428: Unquoted Search Path or Element",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-25T08:22:05.944Z",
        "orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
        "shortName": "Moxa"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-256421-cve-2025-5191-unquoted-search-path-vulnerability-in-the-utility-for-industrial-computers-(windows)"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMoxa has developed appropriate solutions to address this vulnerability. The solutions for the affected products are listed in the security advisory: \u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-256421-cve-2025-5191-unquoted-search-path-vulnerability-in-the-utility-for-industrial-computers-(windows)\"\u003ehttps://www.moxa.com/en/support/product-support/security-advisory/mpsa-256421-cve-2025-5191-unquoted-search-path-vulnerability-in-the-utility-for-industrial-computers-(windows)\u003c/a\u003e\u003c/p\u003e"
            }
          ],
          "value": "Moxa has developed appropriate solutions to address this vulnerability. The solutions for the affected products are listed in the security advisory: \n\n https://www.moxa.com/en/support/product-support/security-advisory/mpsa-256421-cve-2025-5191-unquoted-search-path-vulnerability-in-the-utility-for-industrial-computers-(windows)"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Unquoted Search Path Vulnerability in the Utility for Industrial Computers (Windows)",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
    "assignerShortName": "Moxa",
    "cveId": "CVE-2025-5191",
    "datePublished": "2025-08-25T08:01:11.035Z",
    "dateReserved": "2025-05-26T05:18:48.345Z",
    "dateUpdated": "2025-08-25T13:48:09.418Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-5191\",\"sourceIdentifier\":\"psirt@moxa.com\",\"published\":\"2025-08-25T08:15:30.047\",\"lastModified\":\"2025-08-25T20:24:45.327\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An Unquoted Search Path vulnerability has been identified in the utility for Moxa\u2019s industrial computers (Windows). Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority directory within the search path. When the Serial Interface service starts, the malicious executable could be run with SYSTEM privileges. Successful exploitation could allow privilege escalation or enable an attacker to maintain persistence on the affected system. While successful exploitation can severely impact the confidentiality, integrity, and availability of the affected device itself, there is no loss of confidentiality, integrity, or availability within any subsequent systems.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad de ruta de b\u00fasqueda sin comillas en la utilidad para ordenadores industriales de Moxa (Windows). Debido a la configuraci\u00f3n de la ruta sin comillas en la utilidad SerialInterfaceService.exe, un atacante local con privilegios limitados podr\u00eda colocar un ejecutable malicioso en un directorio de mayor prioridad dentro de la ruta de b\u00fasqueda. Al iniciarse el servicio de interfaz serie, el ejecutable malicioso podr\u00eda ejecutarse con privilegios de SYSTEM. Una explotaci\u00f3n exitosa podr\u00eda permitir la escalada de privilegios o permitir que un atacante mantenga la persistencia en el sistema afectado. Si bien una explotaci\u00f3n exitosa puede afectar gravemente la confidencialidad, integridad y disponibilidad del dispositivo afectado, no se produce p\u00e9rdida de confidencialidad, integridad ni disponibilidad en los sistemas posteriores.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@moxa.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"psirt@moxa.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-428\"}]}],\"references\":[{\"url\":\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-256421-cve-2025-5191-unquoted-search-path-vulnerability-in-the-utility-for-industrial-computers-(windows)\",\"source\":\"psirt@moxa.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-5191\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-25T13:48:00.832287Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-25T13:48:05.859Z\"}}], \"cna\": {\"title\": \"Unquoted Search Path Vulnerability in the Utility for Industrial Computers (Windows)\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Anni Tuulinen\"}], \"impacts\": [{\"capecId\": \"CAPEC-233\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-233: Privilege Escalation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 7.3, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Moxa\", \"product\": \"Utility for DRP-A100 Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.1\"}, {\"status\": \"unaffected\", \"version\": \"1.2\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows 10 IoT Enterprise LTSC 2021\"], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Moxa\", \"product\": \"Utility for DRP-A100 Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"1.1\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows 11 IoT Enterprise LTSC 2024\", \"Windows 11 Professional 2022\"], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Moxa\", \"product\": \"Utility for DRP-C100 Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.1\"}, {\"status\": \"unaffected\", \"version\": \"1.2\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows 10 IoT Enterprise LTSC 2021\"], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Moxa\", \"product\": \"Utility for DRP-C100 Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"1.1\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows 11 IoT Enterprise LTSC 2024\", \"Windows 11 Professional 2022\"], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Moxa has developed appropriate solutions to address this vulnerability. The solutions for the affected products are listed in the security advisory: \\n\\n https://www.moxa.com/en/support/product-support/security-advisory/mpsa-256421-cve-2025-5191-unquoted-search-path-vulnerability-in-the-utility-for-industrial-computers-(windows)\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eMoxa has developed appropriate solutions to address this vulnerability. The solutions for the affected products are listed in the security advisory: \u003c/p\u003e\u003cp\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-256421-cve-2025-5191-unquoted-search-path-vulnerability-in-the-utility-for-industrial-computers-(windows)\\\"\u003ehttps://www.moxa.com/en/support/product-support/security-advisory/mpsa-256421-cve-2025-5191-unquoted-search-path-vulnerability-in-the-utility-for-industrial-computers-(windows)\u003c/a\u003e\u003c/p\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-256421-cve-2025-5191-unquoted-search-path-vulnerability-in-the-utility-for-industrial-computers-(windows)\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An Unquoted Search Path vulnerability has been identified in the utility for Moxa\\u2019s industrial computers (Windows). Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority directory within the search path. When the Serial Interface service starts, the malicious executable could be run with SYSTEM privileges. Successful exploitation could allow privilege escalation or enable an attacker to maintain persistence on the affected system. While successful exploitation can severely impact the confidentiality, integrity, and availability of the affected device itself, there is no loss of confidentiality, integrity, or availability within any subsequent systems.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eAn Unquoted Search Path vulnerability has been identified in the utility for Moxa\\u2019s industrial computers (Windows). \u003c/span\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eDue to the unquoted path configuration in \u003c/span\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003ethe SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority directory within the search path. When the Serial Interface service starts, the malicious executable could be run with SYSTEM privileges. Successful exploitation could allow privilege escalation or enable an attacker to maintain persistence on the affected system. \u003c/span\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eWhile successful exploitation can severely impact the confidentiality, integrity, and availability of the affected device itself, there is no loss of \u003c/span\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003econfidentiality, integrity, or availability within any subsequent systems.\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-428\", \"description\": \"CWE-428: Unquoted Search Path or Element\"}]}], \"providerMetadata\": {\"orgId\": \"2e0a0ee2-d866-482a-9f5e-ac03d156dbaa\", \"shortName\": \"Moxa\", \"dateUpdated\": \"2025-08-25T08:22:05.944Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-5191\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-25T13:48:09.418Z\", \"dateReserved\": \"2025-05-26T05:18:48.345Z\", \"assignerOrgId\": \"2e0a0ee2-d866-482a-9f5e-ac03d156dbaa\", \"datePublished\": \"2025-08-25T08:01:11.035Z\", \"assignerShortName\": \"Moxa\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.