← voltar
CVE-2025-47418

Recording

CVSS 5.3 MEDIUMEPSS 0.3%CWE-200
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX allows Functionality Misuse. There is no visible indication when the system is recording and recording can be enabled remotely via a network API. This issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Produtos afetados
Crestron · Automate VX

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://security.crestron.com/https://www.crestron.com/release_notes/automate_vx_6.4.1.8_release_notes.pdfhttps://www.crestron.com/Software-Firmware/Software/Automate-VX-Software/6-4-1-8