Vulnerabilities

CVE-2025-3495

by Fred · 16/04/2025

Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code.

Assigner : PSIRT@deltaww.com

More information : https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00005_COMMGR%20-%20Insufficient%20Randomization%20Authentication%20Bypass_v1.pdf

Similar

Tags: Cybersecurity Alert