Medium severity6.1NVD Advisory· Published Mar 10, 2025· Updated Apr 15, 2026
CVE-2025-27253
CVE-2025-27253
Description
A CWE-15 "External Control of System or Configuration Setting" in GE Vernova UR IED family devices from version 7.0 up to 8.60 allows an attacker to provide input that establishes a TCP connection through a port forwarding. The lack of the IP address and port validation may allow the attacker to bypass firewall rules or to send malicious traffic in the network.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: >=7.0, <=8.60
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.