CVE-2025-31144

Sažetak

Quick Agent V3 and Quick Agent V2 contain an issue with improper restriction of communication channel to intended endpoints. If exploited, a remote unauthenticated attacker may attempt to log in to an arbitrary host via Windows system where the product is running.

Reference

https://jvn.jp/en/jp/JVN82536398/
https://mfp-support.sios.jp/hc/ja/articles/45853460006937
https://siosapps.sios.jp/agent_info/20250425001.html

CVSS

Base:	5.8
Impact:	1.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
LOW	NONE	NONE

CVSS vektor

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Zadnje važnije ažuriranje

29-04-2025 - 13:52

Objavljeno

28-04-2025 - 00:15