216.73.217.80

CVE-2025-47418

· Published 06/05/2025 21:16 · Modified 06/05/2025 21:16

Labels: CVE-2025-47418 2025-05-0625b0b659-c4b4-483f-aecb-067757d23ef3CVE-2025-47418CWE-200

Essential information

Published
06/05/2025 21:16
Modified
06/05/2025 21:16
Author
Creator
CVSS
5.3 MEDIUM (v3) 5.3 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX allows Functionality Misuse. There is no visible indication when the system is recording and recording can be enabled remotely via a network API. This issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
25b0b659-c4b4-483f-aecb-067757d23ef3
NVD
View on NVD

Affected products (CPE)

ProductCPE
crestron / automate vx cpe:2.3:a:crestron:automate_vx:5.6.8161.21536-6.4.0.49:*:*:*:*:*:*:*

References