CWE-941
Incorrectly Specified Destination in a Communication Channel
The product creates a communication channel to initiate an outgoing request to an actor, but it does not correctly specify the intended destination for that actor.
CVE-2025-0036 (GCVE-0-2025-0036)
Vulnerability from cvelistv5
Published
2025-06-09 23:57
Modified
2025-06-30 14:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-682 - Incorrect Calculation
- CWE-772 - Missing Release of Resource after Effective Lifetime
- CWE-940 - Improper Verification of Source of a Communication Channel
- CWE-941 - Incorrectly Specified Destination in a Communication Channel
- CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Summary
In AMD Versal Adaptive SoC devices, the incorrect configuration of the SSS during runtime (post-boot) cryptographic operations could cause data to be incorrectly written to and read from invalid locations as well as returning incorrect cryptographic data.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | Versal Adaptive SoC Devices |
Patch: 2025.1 release |
||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0036",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-10T14:19:45.871057Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-10T15:27:43.315Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Versal Adaptive SoC Devices",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "2025.1 release",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Versal RF Series",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "2025.1 release"
}
]
},
{
"defaultStatus": "affected",
"product": "Versal AI Edge Series",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "2025.1 release"
}
]
},
{
"defaultStatus": "affected",
"product": "Versal Prime Series",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "2025.1 release"
}
]
},
{
"defaultStatus": "affected",
"product": "Versal Premium Series",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "2025.1 release"
}
]
},
{
"defaultStatus": "affected",
"product": "Versal AI Core Series",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "2025.1 release"
}
]
},
{
"defaultStatus": "affected",
"product": "Versal HBM Series",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "2025.1 release"
}
]
},
{
"defaultStatus": "affected",
"product": "Alveo V80 Compute Accelerator",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "2025.1 release"
}
]
}
],
"datePublic": "2025-06-03T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In AMD Versal Adaptive SoC devices, the incorrect configuration of the SSS during runtime (post-boot) cryptographic operations could cause data to be incorrectly written to and read from invalid locations as well as returning incorrect cryptographic data.\u003cbr\u003e"
}
],
"value": "In AMD Versal Adaptive SoC devices, the incorrect configuration of the SSS during runtime (post-boot) cryptographic operations could cause data to be incorrectly written to and read from invalid locations as well as returning incorrect cryptographic data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "CWE-682 Incorrect Calculation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-772",
"description": "CWE-772 Missing Release of Resource after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-940",
"description": "CWE-940 Improper Verification of Source of a Communication Channel",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-941",
"description": "CWE-941 Incorrectly Specified Destination in a Communication Channel",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-497",
"description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-30T14:48:59.255Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8011.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-0036",
"datePublished": "2025-06-09T23:57:39.748Z",
"dateReserved": "2024-11-21T16:18:02.918Z",
"dateUpdated": "2025-06-30T14:48:59.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53899 (GCVE-0-2025-53899)
Vulnerability from cvelistv5
Published
2025-11-29 02:25
Modified
2025-12-01 15:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-941 - Incorrectly Specified Destination in a Communication Channel
Summary
Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, the back-end of Kiteworks MFT is vulnerable to an incorrectly specified destination in a communication channel which allows an attacker with administrative privileges on the system under certain circumstances to intercept upstream communication which could lead to an escalation of privileges. This issue has been patched in version 9.1.0.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| kiteworks | security-advisories |
Version: < 9.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53899",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-01T15:41:01.311382Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T15:41:27.509Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "security-advisories",
"vendor": "kiteworks",
"versions": [
{
"status": "affected",
"version": "\u003c 9.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, the back-end of Kiteworks MFT is vulnerable to an incorrectly specified destination in a communication channel which allows an attacker with administrative privileges on the system under certain circumstances to intercept upstream communication which could lead to an escalation of privileges. This issue has been patched in version 9.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-941",
"description": "CWE-941: Incorrectly Specified Destination in a Communication Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-29T02:25:23.493Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/kiteworks/security-advisories/security/advisories/GHSA-5gx5-vcpp-8cr5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/kiteworks/security-advisories/security/advisories/GHSA-5gx5-vcpp-8cr5"
}
],
"source": {
"advisory": "GHSA-5gx5-vcpp-8cr5",
"discovery": "UNKNOWN"
},
"title": "Kiteworks MFT is vulnerable to an Incorrectly Specified Destination in a Communication Channel"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-53899",
"datePublished": "2025-11-29T02:25:23.493Z",
"dateReserved": "2025-07-11T19:05:23.826Z",
"dateUpdated": "2025-12-01T15:41:27.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.