← back
CVE-2025-0417

Valmet DNA Lack of protection against brute force attacks

CVSS 7 HIGHEPSS 0.1%CWE-307
Lack of protection against brute force attacks in Valmet DNA visualization in DNA Operate. The possibility to make an arbitrary number of login attempts without any rate limit gives an attacker an increased chance of guessing passwords and then performing switching operations.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/AU:Y/R:A/V:D/RE:L/U:Green
Affected products
Valmet · Valmet DNA

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.valmet.com/about-us/about/research-and-development/vulnerabilityadvisories/cve-2025-0417/