Network Thermostat X-Series WiFi Thermostats Missing Authentication for Critical Function

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

The embedded web server on the thermostat listed version ranges contain a vulnerability that allows unauthenticated attackers, either on the local area network or from the Internet via a router with port forwarding set up, to gain direct access to the thermostat's embedded web server and reset user credentials by manipulating specific elements of the embedded web interface.

Basic Information

ID CVE-2025-6260

Source icscert

Published Jul 24, 2025 at 20:53

Modified Jul 25, 2025 at 13:31

Affected Product

Vendor Network Thermostat

Product X-Series WiFi thermostats

Version v4.5

Affected Versions Network Thermostat X-Series WiFi thermostats v4.5
Network Thermostat X-Series WiFi thermostats v9.6
Network Thermostat X-Series WiFi thermostats v10.1
Network Thermostat X-Series WiFi thermostats v11.1

CWE Classification

CWE-306

References

www.cisa.gov /news-events/ics-advisories/icsa-25-205-02

{
    "lastseen": "",
    "description": "The embedded web server on the thermostat listed version ranges contain a vulnerability that allows unauthenticated attackers, either on the local area network or from the Internet via a router with port forwarding set up, to gain direct access to the thermostat's embedded web server and reset user credentials by manipulating specific elements of the embedded web interface.",
    "published": "2025-07-24T20:53:17.534Z",
    "modified": "2025-07-25T13:31:50.926Z",
    "type": "cve",
    "title": "Network Thermostat X-Series WiFi Thermostats Missing Authentication for Critical Function",
    "source": "icscert",
    "references": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-205-02",
    "id": "CVE-2025-6260",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306"
    ],
    "cvelist": null,
    "sourceData": "Network Thermostat X-Series WiFi thermostats v4.5\nNetwork Thermostat X-Series WiFi thermostats v9.6\nNetwork Thermostat X-Series WiFi thermostats v10.1\nNetwork Thermostat X-Series WiFi thermostats v11.1",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "X-Series WiFi thermostats",
    "version": "v4.5",
    "vendor": "Network Thermostat",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Network Thermostat X-Series WiFi Thermostats Missing Authentication for Critical Function_CVE-2025-6260