CVE-2025-5597

10.0

Critical

Published:4 Jun 2025

Last updated:17 Jun 2026

Source:vulnerability@ncsc.ch

Deferred

Weakness (CWE)

CWE-287Improper Authentication

CVSS Vector

v4.0

Attack Vector: Network
Attack Complexity: Low
Attack Requirements: None
Privileges Required: None
User Interaction: None
Confidentiality (Vulnerable): High
Integrity (Vulnerable): High
Availability (Vulnerable): High
Confidentiality (Subsequent): High
Integrity (Subsequent): High
Availability (Subsequent): High

View on MITRE Find PoC on GitHub

Description

Improper Authentication vulnerability in WF Steuerungstechnik GmbH airleader MASTER allows Authentication Bypass.This issue affects airleader MASTER: 3.00571.

References

vulnerability@ncsc.ch

https://github.com/migros/migros-security-advisories/blob/main/advisories/msec-2025-003_wf-seuerungstechnik-gmbh_airleader-master_authentication-bypass.md