CVE-2025-48468 (GCVE-0-2025-48468)

Vulnerability from cvelistv5 – Published: 2025-06-24 02:16 – Updated: 2025-06-25 13:30
VLAI
Title
Open JTAG Debug Port
Summary
Successful exploitation of the vulnerability could allow an attacker that has physical access to interface with JTAG to inject or modify firmware.
Severity
6.4 (Medium)
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
Assigner
CSA
References
Impacted products
Date Public
2025-06-24 02:00
Credits
Marc Heuse
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48468",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-24T15:22:48.623146Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-1191",
                "description": "CWE-1191 On-Chip Debug and Test Interface With Improper Access Control",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-25T13:30:04.047Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Advantech Wireless Sensing and Equipment (WISE)",
          "vendor": "Advantech",
          "versions": [
            {
              "status": "affected",
              "version": "A2.01 B00"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Marc Heuse"
        }
      ],
      "datePublic": "2025-06-24T02:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Successful exploitation of the vulnerability could allow an attacker that has physical access to interface with JTAG to inject or modify firmware."
            }
          ],
          "value": "Successful exploitation of the vulnerability could allow an attacker that has physical access to interface with JTAG to inject or modify firmware."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-24T02:42:46.257Z",
        "orgId": "5f57b9bf-260d-4433-bf07-b6a79e9bb7d4",
        "shortName": "CSA"
      },
      "references": [
        {
          "url": "https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Users and administrators of affected products are advised to update to firmware version A2.02 B00.\n\n\u003cbr\u003e"
            }
          ],
          "value": "Users and administrators of affected products are advised to update to firmware version A2.02 B00."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Open JTAG Debug Port",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "5f57b9bf-260d-4433-bf07-b6a79e9bb7d4",
    "assignerShortName": "CSA",
    "cveId": "CVE-2025-48468",
    "datePublished": "2025-06-24T02:16:21.830Z",
    "dateReserved": "2025-05-22T09:41:25.402Z",
    "dateUpdated": "2025-06-25T13:30:04.047Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-48468",
      "date": "2026-05-31",
      "epss": "0.00083",
      "percentile": "0.24224"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-48468\",\"sourceIdentifier\":\"5f57b9bf-260d-4433-bf07-b6a79e9bb7d4\",\"published\":\"2025-06-24T03:15:34.267\",\"lastModified\":\"2025-07-09T15:20:29.410\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Successful exploitation of the vulnerability could allow an attacker that has physical access to interface with JTAG to inject or modify firmware.\"},{\"lang\":\"es\",\"value\":\"La explotaci\u00f3n exitosa de la vulnerabilidad podr\u00eda permitir que un atacante con acceso f\u00edsico a la interfaz con JTAG inyecte o modifique el firmware.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"5f57b9bf-260d-4433-bf07-b6a79e9bb7d4\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.5,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1191\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:advantech:wise-4010lan_firmware:2.02b00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"329D6F6B-850F-408B-8335-820C61C1085D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:advantech:wise-4010lan:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9241107A-6586-475F-AE13-C541F9AE8AE6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:advantech:wise-4050lan_firmware:2.02b00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"108653D3-5184-44B1-B2BE-F8D7E8011058\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:advantech:wise-4050lan:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72DFF800-1684-4038-BB79-C679DCAF4105\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:advantech:wise-4060lan_firmware:2.02b00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6FD59CB-F033-4D1B-A24C-32C361ACCD5B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:advantech:wise-4060lan:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7DCE031-021A-47BC-B81C-1B0DCB9EB8F1\"}]}]}],\"references\":[{\"url\":\"https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061\",\"source\":\"5f57b9bf-260d-4433-bf07-b6a79e9bb7d4\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-48468\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-24T15:22:48.623146Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1191\", \"description\": \"CWE-1191 On-Chip Debug and Test Interface With Improper Access Control\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-24T15:22:52.866Z\"}}], \"cna\": {\"title\": \"Open JTAG Debug Port\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Marc Heuse\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.4, \"attackVector\": \"PHYSICAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Advantech\", \"product\": \"Advantech Wireless Sensing and Equipment (WISE)\", \"versions\": [{\"status\": \"affected\", \"version\": \"A2.01 B00\"}], \"defaultStatus\": \"unknown\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Users and administrators of affected products are advised to update to firmware version A2.02 B00.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Users and administrators of affected products are advised to update to firmware version A2.02 B00.\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"datePublic\": \"2025-06-24T02:00:00.000Z\", \"references\": [{\"url\": \"https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Successful exploitation of the vulnerability could allow an attacker that has physical access to interface with JTAG to inject or modify firmware.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Successful exploitation of the vulnerability could allow an attacker that has physical access to interface with JTAG to inject or modify firmware.\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"5f57b9bf-260d-4433-bf07-b6a79e9bb7d4\", \"shortName\": \"CSA\", \"dateUpdated\": \"2025-06-24T02:42:46.257Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-48468\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-25T13:30:04.047Z\", \"dateReserved\": \"2025-05-22T09:41:25.402Z\", \"assignerOrgId\": \"5f57b9bf-260d-4433-bf07-b6a79e9bb7d4\", \"datePublished\": \"2025-06-24T02:16:21.830Z\", \"assignerShortName\": \"CSA\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.