CVE-2025-41679

{"id": "CVE-2025-41679", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "info@cert.vde.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2025-07-21T10:15:25.133", "references": [{"url": "https://certvde.com/de/advisories/VDE-2025-058", "source": "info@cert.vde.com"}, {"url": "http://seclists.org/fulldisclosure/2025/Jul/38", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "info@cert.vde.com", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service."}, {"lang": "es", "value": "Un atacante remoto no autenticado podr\u00eda explotar una vulnerabilidad de desbordamiento de b\u00fafer en el dispositivo, provocando una denegaci\u00f3n de servicio que afecte \u00fanicamente al servicio del asistente de inicializaci\u00f3n de red (Conftool)."}], "lastModified": "2025-11-03T20:18:49.190", "sourceIdentifier": "info@cert.vde.com"}