CVE-2025-54807

CRITICAL(9.8)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Risk Signal Score25/100 — MITTEL

CVSS 9.8 — Kritisch

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

9.8

Technische Schwere

Beschreibung

The secret used for validating authentication tokens is hardcoded in device firmware for affected versions. An attacker who obtains the signing key can bypass authentication, gaining complete access to the system.

Referenzen

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-26...
https://www.cisa.gov/news-events/ics-advisories/icsa-25-261-07
https://www.doverfuelingsolutions.com/mea/en/products-and-solutions/automatic-ta...