Home Embedded Vulns General Vulns

CVE-2025-35983

MEDIUM 6.5

Our Analysis: Embedded

Our model has classified this vulnerability as relevant to Embedded Systems, helping your team prioritize efforts effectively.

Published Date July 10, 2025
Last Modified July 10, 2025
CVSS Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L

Description

Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could allow an unprivileged attacker to perform a limited denial of service or perform privileged overrides during the initial configuration of the Controller, there is no risk for Controllers once they are connected.

This issue affects Controller 7000:

9.30 prior to vCR9.30.250624a (distributed in 9.30.1871 (MR1)).