Medium severity5.8NVD Advisory· Published Aug 8, 2025· Updated Apr 15, 2026

CVE-2025-47872

Description

The public-facing product registration endpoint server responds differently depending on whether the S/N is valid and unregistered, valid but already registered, or does not exist in the database. Combined with the fact that serial numbers are sequentially assigned, this allows an attacker to gain information on the product registration status of different S/Ns.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

eg4electronics.com/contact/nvd
www.cisa.gov/news-events/ics-advisories/icsa-25-219-07nvd

News mentions

No linked articles in our index yet.

cvss	0.377
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000