CVE-2025-1265

Published Feb 20, 2025

Last updated a month ago

CVSS critical 9.4

Overview

Description
An OS command injection vulnerability exists in Vinci Protocol Analyzer that could allow an attacker to escalate privileges and perform code execution on affected system.
Source
ics-cert@hq.dhs.gov
NVD status
Received

Risk scores

CVSS 4.0

Type
Secondary
Base score
9.4
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
CRITICAL

CVSS 3.1

Type
Secondary
Base score
9.9
Impact score
6
Exploitability score
3.1
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

ics-cert@hq.dhs.gov
CWE-78

Social media

Hype score
Not currently trending

  1. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    5 Mar 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    4 Mar 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  3. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    3 Mar 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  4. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    2 Mar 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  5. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    1 Mar 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  6. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    28 Feb 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  7. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    28 Feb 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  8. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    27 Feb 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  9. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    26 Feb 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  10. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    26 Feb 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  11. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    25 Feb 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  12. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    24 Feb 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  13. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    23 Feb 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  14. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    22 Feb 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  15. 🚨 CVE-2025-1265 ⚠️🔴 CRITICAL (9.9) 🏢 Elseta - Vinci Protocol Analyzer 🏗️ 0 🔗 https://t.co/tWccUdDiMq 🔗 https://t.co/IGjLrU6ynD #CyberCron #VulnAlert https://t.co/4CyF5e1VVa

    @cybercronai

    22 Feb 2025

    12 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  16. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    22 Feb 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  17. Actively exploited CVE : CVE-2025-1265

    @transilienceai

    21 Feb 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  18. ⚠️ Vulnerability Alert: Elseta Vinci Protocol Analyzer OS Command Injection 📅 Timeline: Disclosure: 2025-02-20, Patch: 2025-02-20 📌 Attribution: 🆔cveId: CVE-2025-1265 📊baseScore: 9.4 📏cvssMetrics: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvssSeverity: Critical 🔴… https://t.

    @syedaquib77

    21 Feb 2025

    16 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  19. New post from https://t.co/uXvPWJy6tj (CVE-2025-1265 | Elseta Vinci Protocol Analyzer prior 3.2.3.19 os command injection (icsa-25-051-06)) has been published on https://t.co/zRKju6espz

    @WolfgangSesin

    20 Feb 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. [CVE-2025-1265: CRITICAL] An OS command injection vulnerability exists in Vinci Protocol Analyzer that could allow an attacker to escalate privileges and perform code execution on affected system.#cybersecurity,#vulnerability https://t.co/vyU8kNsKQp https://t.co/EU5bRcZhaO

    @CveFindCom

    20 Feb 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References