← Volver a CVEs
CVE-2025-54551
MEDIUM4.3
Descripcion
Synapse Mobility 8.0, 8.0.1, 8.0.2, 8.1, and 8.1.1 contain a privilege escalation vulnerability through external control of Web parameter. If exploited, a user of the product may escalate the privilege and access data that the user do not have permission to view by altering the parameters of the search function.
Detalles CVE
Puntuacion CVSS v3.14.3
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado8/20/2025
Ultima modificacion8/20/2025
Fuentenvd
Avistamientos honeypot0
Debilidades (CWE)
CWE-472
Referencias
https://healthcaresolutions-us.fujifilm.com/synapse-mobility-vulnerability-notification(vultures@jpcert.or.jp)
https://jvn.jp/en/vu/JVNVU94286093/(vultures@jpcert.or.jp)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.