VYPR

SEVD-2025-042-01

by Schneider Electric

CVEs (3)

  • CVE-2025-1070HigFeb 13, 2025
    risk 0.53cvss 8.1epss 0.00

    CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could render the device inoperable when a malicious file is downloaded.

  • CVE-2025-1060HigFeb 13, 2025
    risk 0.49cvss 7.5epss 0.00

    CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists that could result in the exposure of data when network traffic is being sniffed by an attacker.

  • CVE-2025-0816MedFeb 13, 2025
    risk 0.42cvss 6.5epss 0.00

    CWE-20: Improper Input Validation vulnerability exists that could cause Denial-of-Service of the product when malicious IPV6 packets are sent to the device.