Authentication Bypass Using an Alternate Path or Channel in Raisecomm...

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

The affected Raisecom devices allow SSH sessions to be established without completing user authentication. This could allow attackers to gain shell access without valid credentials.

AI Analysis

Authentication bypass vulnerability in Raisecomm RAX701-GC Series devices, allowing attackers to gain shell access without valid credentials.

Basic Information

ID CVE-2025-11534

Source icscert

Published Oct 21, 2025 at 16:59

Modified Oct 21, 2025 at 19:39

Affected Product

Vendor Raisecomm

Product RAX701-GC-WP-01 P200R002C52

Version Firmware version 5.5.27_20190111

Affected Versions Raisecomm RAX701-GC-WP-01 P200R002C52 Firmware version 5.5.27_20190111
Raisecomm RAX701-GC-WP-01 P200R002C53 Firmware version 5.5.13_20180720
Raisecomm RAX701-GC-WP-01 P200R002C53 Firmware version 5.5.36_20190709

CWE Classification

CWE-288

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor Raisecomm

Product RAX701-GC Series

Version 5.5.27_20190111, 5.5.13_20180720, 5.5.36_20190709

References

{
    "lastseen": "",
    "description": "The affected Raisecom devices allow SSH sessions to be established without completing user authentication. This could allow attackers to gain shell access without valid credentials.",
    "published": "2025-10-21T16:59:29.846Z",
    "modified": "2025-10-21T19:39:16.122Z",
    "type": "cve",
    "title": "Authentication Bypass Using an Alternate Path or Channel in Raisecomm RAX701-GC Series",
    "source": "icscert",
    "references": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-294-06\nhttps://www.runzero.com/advisories/raisecom-ssh-bypass-cve-2025-11534/",
    "id": "CVE-2025-11534",
    "bulletinFamily": "",
    "cwe": [
        "CWE-288"
    ],
    "cvelist": null,
    "sourceData": "Raisecomm RAX701-GC-WP-01 P200R002C52 Firmware version 5.5.27_20190111\nRaisecomm RAX701-GC-WP-01 P200R002C53 Firmware version 5.5.13_20180720\nRaisecomm RAX701-GC-WP-01 P200R002C53 Firmware version 5.5.36_20190709",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "RAX701-GC-WP-01 P200R002C52",
    "version": "Firmware version 5.5.27_20190111",
    "vendor": "Raisecomm",
    "ai_description": "Authentication bypass vulnerability in Raisecomm RAX701-GC Series devices, allowing attackers to gain shell access without valid credentials.",
    "ai_severity": "Critical",
    "ai_vendor": "Raisecomm",
    "ai_product": "RAX701-GC Series",
    "ai_version": "5.5.27_20190111, 5.5.13_20180720, 5.5.36_20190709",
    "ai_score": 9.3
}

Authentication Bypass Using an Alternate Path or Channel in Raisecomm RAX701-GC Series_CVE-2025-11534