CVE-2025-0674CRITICAL 9.8EPSS p88.6%

CVE-2025-0674CVE-2025-0674

Description

Multiple Elber products are affected by an authentication bypass vulnerability which allows unauthorized access to the password management functionality. Attackers can exploit this issue by manipulating the endpoint to overwrite any user's password within the system. This grants them unauthorized administrative access to protected areas of the application, compromising the device's system security.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS3.80% probability of exploitation · percentile 88.6% · 2026-06-19T12:03:05Z
Published2025-02-07
Last modified2026-04-15

Underlying weaknesses· 1

CWE-288

References

  1. https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-03

1

TypeTargetConfidenceTier
WeaknessAuthentication Bypass Using an Alternate Path or Channelcwe-2880%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-28238
CVE
CVE-2025-63225
CVE
CVE-2026-28536
CVE
CVE-2025-41652
CVE
CVE-2025-48469
CVE
CVE-2026-24789
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.