CVE-2025-56231_CVE-2025-56231

9.1 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Description

Tonec Internet Download Manager 6.42.41.1 and earlier suffers from Missing SSL Certificate Validation, which allows attackers to bypass update protections.

AI Analysis

Missing SSL Certificate Validation vulnerability in Tonec Internet Download Manager

Basic Information

ID CVE-2025-56231

Source mitre

Published Nov 5, 2025 at 00:00

Modified Nov 5, 2025 at 20:24

Affected Product

Vendor n/a

Product n/a

Version n/a

Affected Versions n/a n/a n/a

CWE Classification

CWE-295

AI Assessment

AI Score 9.1 / 10

AI Severity Critical

Vendor Tonec

Product Internet Download Manager

Version 6.42.41.1 and earlier

References

{
    "lastseen": "",
    "description": "Tonec Internet Download Manager 6.42.41.1 and earlier suffers from Missing SSL Certificate Validation, which allows attackers to bypass update protections.",
    "published": "2025-11-05T00:00:00.000Z",
    "modified": "2025-11-05T20:24:57.560Z",
    "type": "cve",
    "title": "CVE-2025-56231",
    "source": "mitre",
    "references": "http://tonec.com\nhttps://www.notion.so/CVE-2025-56231-2a04e9f2a40d80b184f4d02be58d3600",
    "id": "CVE-2025-56231",
    "bulletinFamily": "",
    "cwe": [
        "CWE-295"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.1,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "n/a",
    "version": "n/a",
    "vendor": "n/a",
    "ai_description": "Missing SSL Certificate Validation vulnerability in Tonec Internet Download Manager",
    "ai_severity": "Critical",
    "ai_vendor": "Tonec",
    "ai_product": "Internet Download Manager",
    "ai_version": "6.42.41.1 and earlier",
    "ai_score": 9.1
}