Unrated severityNVD Advisory· Published Jan 22, 2026· Updated Jan 22, 2026

Missing Validation of Self-Signed Certificates in Altium Designer Allows Man-in-the-Middle Attacks

CVE-2025-27377

Description

Altium Designer version 24.9.0 does not validate self-signed server certificates for cloud connections. An attacker capable of performing a man-in-the-middle (MITM) attack could exploit this issue to intercept or manipulate network traffic, potentially exposing authentication credentials or sensitive design data.

Affected products

Altium/Altium Designerllm-create
Range: = 24.9.0
Altium/Altium Designerv5
Range: 24.9

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.altium.com/platform/security-compliance/security-advisoriesmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000