CVE-2025-8075
Essential information
- Published
- 26/12/2025 05:16
- Modified
- 26/12/2025 05:16
- Author
- —
- Creator
- —
- CVSS
- 5.8 MEDIUM (v3) 5.8 MEDIUM (v4.0)
- CISA KEV
- No
- CWE
- —
- CVSS vector
-
—
—
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CVSS metrics
- Access vector
- —
- Access complexity
- —
- Authentication
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploitability
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- —
- Attack complexity
- —
- Privileges required
- —
- User interaction
- —
- Scope
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploit code maturity
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- NETWORK
- Attack complexity
- LOW
- Attack requirements
- PRESENT
- Privileges required
- LOW
- User interaction
- NONE
- Confidentiality (V)
- NONE
- Confidentiality (S)
- HIGH
- Integrity (V)
- NONE
- Integrity (S)
- HIGH
- Availability (V)
- NONE
- Availability (S)
- HIGH
- Exploit maturity
- NOT_DEFINED
Description
Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered that validation of incoming XML format request messages is inadequate. This vulnerability could allow an attacker to XSS on the user's browser. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.
NVD status
- Status
- Received — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- fc9afe74-3f80-4fb7-a313-e6f036a89882
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| nozomi networks / nozomi security | cpe:2.3:a:nozomi_networks:nozomi_security:*:*:*:*:*:*:*:* |
| xml / * | cpe:2.3:a:xml:*:*:*:*:*:*:*:* |