Authenticated Remote Code Execution in zForm_auto_config_CVE-2025-59817

9.1 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Description

This vulnerability allows attackers to execute arbitrary commands on the underlying system. Because the web portal runs with root privileges, successful exploitation grants full control over the device, potentially compromising its availability, confidentiality, and integrity.

Basic Information

ID CVE-2025-59817

Source NCSC-NL

Published Sep 25, 2025 at 19:30

Affected Product

Vendor Zenitel

Product TCIS-3+

Version <9.2.3.3

Affected Versions Zenitel TCIS-3+ <9.2.3.3

CWE Classification

CWE-77

References

wiki.zenitel.com /wiki/Downloads

{
    "lastseen": "",
    "description": "This vulnerability allows attackers to execute arbitrary commands on the underlying system. Because the web portal runs with root privileges, successful exploitation grants full control over the device, potentially compromising its availability, confidentiality, and integrity.",
    "published": "2025-09-25T19:30:15.139Z",
    "modified": "2025-09-25T19:30:15.139Z",
    "type": "cve",
    "title": "Authenticated Remote Code Execution in zForm_auto_config",
    "source": "NCSC-NL",
    "references": "https://wiki.zenitel.com/wiki/Downloads#Stations_and_Devices",
    "id": "CVE-2025-59817",
    "bulletinFamily": "",
    "cwe": [
        "CWE-77"
    ],
    "cvelist": null,
    "sourceData": "Zenitel TCIS-3+ <9.2.3.3",
    "sourceHref": "",
    "cvss": {
        "score": 9.1,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "TCIS-3+",
    "version": "<9.2.3.3",
    "vendor": "Zenitel",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}