CVE-2025-52457 - CERT CVE

  1. CVE-2025-52457

ID CVE-2025-52457
Sažetak Observable Timing Discrepancy (CWE-208) in HBUS devices may allow an attacker with physical access to the device to extract device-specific keys, potentially compromising further site security. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)), all versions of 9.00 and prior.
Reference
CVSS
Base: 5.7
Impact: 5.2
Exploitability:0.5
Pristup
VektorSloženostAutentikacija
PHYSICAL HIGH NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH NONE
CVSS vektor CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Zadnje važnije ažuriranje 18-11-2025 - 14:06
Objavljeno 18-11-2025 - 04:15