216.73.216.133

CVE-2025-52457

· Published 18/11/2025 04:15 · Modified 18/11/2025 14:06

Labels: CVE-2025-52457 2025-11-18CVE-2025-52457CWE-208[email protected]

Essential information

Published
18/11/2025 04:15
Modified
18/11/2025 14:06
Author
Creator
CVSS
5.7 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CVSS metrics

Description

Observable Timing Discrepancy (CWE-208) in HBUS devices may allow an attacker with physical access to the device to extract device-specific keys, potentially compromising further site security. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)), all versions of 9.00 and prior.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

References