High severity8.8NVD Advisory· Published Jul 11, 2025· Updated Jun 17, 2026
CVE-2025-53475
CVE-2025-53475
Description
A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPage(). This issue requires an authenticated attacker with at least user-level privileges. Certain parameters in this function are not properly sanitized, allowing an attacker to perform SQL injection and potentially execute code in the context of the 'nt authority\local service' account.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- www.cisa.gov/news-events/ics-advisories/icsa-25-191-08nvdThird Party AdvisoryUS Government Resource
- www.advantech.com/en/support/details/firmware-nvdProduct
News mentions
0No linked articles in our index yet.