High Published: Nov 06, 2025 Modified: Nov 21, 2025

CVE-2025-58423

8.8 CVSS SCORE

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

Due to insufficient sanitization, an attacker can upload a specially
crafted configuration file to cause a denial-of-service condition,
traverse directories, or read/write files, within the context of the
local system account.

CVSS Vector Details

Attack Vector Network

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Affected Software Configurations

a advantech deviceon\/iedge * * * * * * * *

Weaknesses (CWE)

CWE-22

References & External Links

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-310-01.json
https://www.advantech.com/emt/contact
https://www.cisa.gov/news-events/ics-advisories/icsa-25-310-01

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

← Back to CVE Tracker