Unrated severityCISA KEVNVD Advisory· Published Nov 10, 2025· Updated Feb 26, 2026

CVE-2025-12480

Description

Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete.

Affected products

TrioFox/TrioFoxv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cloud.google.com/blog/topics/threat-intelligence/triofox-vulnerability-cve-2025-12480mitrethird-party-advisory
github.com/mandiant/Vulnerability-Disclosures/blob/master/2025/MNDT-2025-0008.mdmitrethird-party-advisory
access.triofox.com/releases_history/mitrerelease-notes
www.triofox.commitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.063
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000