CVE-2025-2229

Published Mar 13, 2025

Last updated 22 days ago

CVSS high 8.5

Overview

Description
A token is created using the username, current date/time, and a fixed AES-128 encryption key, which is the same across all installations.
Source
ics-cert@hq.dhs.gov
NVD status
Received

Risk scores

CVSS 4.0

Type
Secondary
Base score
8.5
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
HIGH

CVSS 3.1

Type
Secondary
Base score
7.7
Impact score
5.2
Exploitability score
2.5
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Severity
HIGH

Weaknesses

ics-cert@hq.dhs.gov
CWE-1391

Social media

Hype score
Not currently trending

  1. Actively exploited CVE : CVE-2025-2229

    @transilienceai

    17 Mar 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. Actively exploited CVE : CVE-2025-2229

    @transilienceai

    17 Mar 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  3. Actively exploited CVE : CVE-2025-2229

    @transilienceai

    16 Mar 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  4. Actively exploited CVE : CVE-2025-2229

    @transilienceai

    16 Mar 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  5. Actively exploited CVE : CVE-2025-2229

    @transilienceai

    15 Mar 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  6. Actively exploited CVE : CVE-2025-2229

    @transilienceai

    15 Mar 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  7. ๐Ÿšจ CVE-2025-2229 ๐Ÿ”ด HIGH (7.7) ๐Ÿข Philips - Intellispace Cardiovascular (ISCV) ๐Ÿ—๏ธ 0 ๐Ÿ”— https://t.co/0BegD7wRai ๐Ÿ”— https://t.co/wIUhNXZe7x #CyberCron #VulnAlert #InfoSec https://t.co/ZOCvsReThC

    @cybercronai

    14 Mar 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. [CVE-2025-2229: HIGH] A token is created using the username, current date/time, and a fixed AES-128 encryption key, which is the same across all installations.#cybersecurity,#vulnerability https://t.co/0lqBFZM2o7 https://t.co/zuaXcvX52G

    @CveFindCom

    13 Mar 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References