VDB
CVE-2025-64302
CVE-2025-64302
PUBLISHED
CVSS 6.400000095367432 MEDIUM
Insufficient input sanitization in the dashboard label or path can allow an attacker to trigger a device error causing information disclosure or data manipulation.
EPSS 0.04% · 12.9th percentile
Risk Scores
CVSS 3.1
6.400000095367432
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
EPSS Score
0.04%
12.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Advantech | DeviceOn/iEdge | 0 |
| advantech | deviceon\/iedge | 0 |
Exploit Intelligence
- CIRCL seen: CVE-2025-64302 (circl-sighting)
- CIRCL seen: CVE-2025-64302 (circl-sighting)
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-310-01 (circl)
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-310-01.json (circl)
- https://www.advantech.com/emt/contact (circl)
- CVE-2025-48799.yara (github-yara)
- CVE-2025-48799.yara (github-yara)
- CVE-2025-48799.yara (github-yara)
- CVE-2025-48799.yara (github-yara)
- CVE-2025-48799.yara (github-yara)
…and 3 more exploits
Timeline
- Jul 21, 2025 PoC Published
- Nov 6, 2025 PoC Published
- Nov 6, 2025 CVE Published
- Nov 7, 2025 EPSS Score
- Nov 7, 2025 PoC Published
- Nov 12, 2025 EPSS Score
- Nov 18, 2025 EPSS Score
- Nov 19, 2025 CVE Updated
- Nov 23, 2025 EPSS Score
- Nov 28, 2025 EPSS Score
- Dec 4, 2025 EPSS Score
- Dec 9, 2025 EPSS Score