Vulnerability Details
Basic Information
| Title | CVE-2025-2605 |
|---|---|
| Type | cve |
| Published | 2025-05-02T13:15:46 |
| Last Seen | 2025-05-02T13:29:01 |
| CVSS Score | 9.9 (CRITICAL) |
CVSS v3 Details
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | CHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | HIGH |
CVE Information
| CVE IDs | CVE-2025-2605 |
|---|---|
| CWE | CWE-78 |
| Bulletin Family | cve |
Description
Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability in Honeywell MB-Secure allows Privilege Abuse. This issue affects MB-Secure: from V11.04 before V12.53 and MB-Secure PRO from V01.06 before V03.09.Honeywell also recommends updating to the most recent version of this product.
Impact Assessment
| Base Score | 9.9 |
|---|---|
| Severity | CRITICAL |