VYPR
Vendor

ISTAR

Products
3
CVEs
3
Across products
3
Status
Private

Products

3

Recent CVEs

3
  • CVE-2025-53695CriJul 28, 2025
    risk 0.61cvss epss 0.01

    OS Command Injection in iSTAR Ultra products web application allows an authenticated attacker to gain even more privileged access ('root' user) to the device firmware.

  • CVE-2025-53696CriJul 28, 2025
    risk 0.60cvss epss 0.00

    iSTAR Ultra performs a firmware verification on boot, however the verification does not inspect certain portions of the firmware. These firmware parts may contain malicious code. Tested up to firmware 6.9.2, later firmwares are also possibly affected.

  • CVE-2025-26383MedJun 11, 2025
    risk 0.41cvss epss 0.00

    The iSTAR Configuration Utility (ICU) tool leaks memory, which could result in the unintended exposure of unauthorized data from the Windows PC that ICU is running on.