← volver
CVE-2025-47418

Recording

CVSS 5.3 MEDIUMEPSS 0.3%CWE-200
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX allows Functionality Misuse. There is no visible indication when the system is recording and recording can be enabled remotely via a network API. This issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Productos afectados
Crestron · Automate VX

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://security.crestron.com/https://www.crestron.com/release_notes/automate_vx_6.4.1.8_release_notes.pdfhttps://www.crestron.com/Software-Firmware/Software/Automate-VX-Software/6-4-1-8