github - ghsa-3936-ppm9-g3c2

ghsa-3936-ppm9-g3c2

Vulnerability from github

Published

2025-06-26 21:31

Modified

2025-06-26 21:31

Severity ?

8.1 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Details

Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to send Modbus TCP packets to manipulate Digital Outputs, potentially allowing remote control of relay channel which may lead to operational or safety risks.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-48466"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-24T03:15:34Z",
    "severity": "HIGH"
  },
  "details": "Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to send Modbus TCP packets to manipulate Digital Outputs, potentially allowing remote control of relay channel which may lead to operational or safety risks.",
  "id": "GHSA-3936-ppm9-g3c2",
  "modified": "2025-06-26T21:31:04Z",
  "published": "2025-06-26T21:31:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48466"
    },
    {
      "type": "WEB",
      "url": "https://github.com/shipcod3/CVE-2025-48466"
    },
    {
      "type": "WEB",
      "url": "https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2025-48466 (GCVE-0-2025-48466)

Vulnerability from cvelistv5

Published

2025-06-24 02:12

Modified

2025-06-25 12:59

Severity ?

8.1 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Summary

References

▼	URL	Tags
	https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061
	https://github.com/shipcod3/CVE-2025-48466

Impacted products

	Vendor	Product	Version
	Advantech	Advantech Wireless Sensing and Equipment (WISE)	Version: A2.01 B00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48466",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-24T15:25:23.267947Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-863",
                "description": "CWE-863 Incorrect Authorization",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-25T12:59:38.016Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Advantech Wireless Sensing and Equipment (WISE)",
          "vendor": "Advantech",
          "versions": [
            {
              "status": "affected",
              "version": "A2.01 B00"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Jay Turla"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Japz Divino"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Jerold Camacho"
        }
      ],
      "datePublic": "2025-06-24T02:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to send Modbus TCP packets to manipulate Digital Outputs, potentially allowing remote control of relay channel which may lead to operational or safety risks."
            }
          ],
          "value": "Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to send Modbus TCP packets to manipulate Digital Outputs, potentially allowing remote control of relay channel which may lead to operational or safety risks."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-24T02:30:12.664Z",
        "orgId": "5f57b9bf-260d-4433-bf07-b6a79e9bb7d4",
        "shortName": "CSA"
      },
      "references": [
        {
          "url": "https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061"
        },
        {
          "url": "https://github.com/shipcod3/CVE-2025-48466"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Users and administrators of affected products are advised to update to firmware version A2.02 B00 and disable Modbus TCP if it is not required in their deployment.\n\n\u003cbr\u003e"
            }
          ],
          "value": "Users and administrators of affected products are advised to update to firmware version A2.02 B00 and disable Modbus TCP if it is not required in their deployment."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Modbus Command Injection without Authentication",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "5f57b9bf-260d-4433-bf07-b6a79e9bb7d4",
    "assignerShortName": "CSA",
    "cveId": "CVE-2025-48466",
    "datePublished": "2025-06-24T02:12:41.743Z",
    "dateReserved": "2025-05-22T09:41:25.402Z",
    "dateUpdated": "2025-06-25T12:59:38.016Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted