CVE-2025-40842

216.73.216.36

· Published 25/03/2026 14:16 · Modified 25/03/2026 15:41

Labels: CVE-2025-40842 2026-03-25 85b1779b-6ecd-4f52-bcc5-73eac4659dcf CVE-2025-40842 CWE-79

Essential information

Published: 25/03/2026 14:16
Modified: 25/03/2026 15:41
Author: —
Creator: —
CVSS: 8.5 HIGH (v3) 8.5 HIGH (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Scripting (XSS) vulnerability which, if exploited, can lead to unauthorized disclosure and modification of certain information.

NVD status

Status: Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source: 85b1779b-6ecd-4f52-bcc5-73eac4659dcf
NVD: View on NVD

Affected products (CPE)

Product	CPE
ericsson / indoor connect 8855	`cpe:2.3:a:ericsson:indoor_connect_8855:<2025.Q3:::::::*`