Cyber Posture

CVE-2025-0675

High

Published: 07 February 2025

Published
07 February 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0010 26.7th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-0675 is a high-severity Hidden Functionality (CWE-912) vulnerability in Cisa (inferred from references). Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique System Information Discovery (T1082); ranked at the 26.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AU-13 (Monitoring for Information Disclosure).

Threat & Defense at a Glance

What attackers do: exploitation maps to System Information Discovery (T1082) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly identifies, reports, and corrects the specific flaw in Elber products enabling unauthenticated disclosure of device configuration data.

AC-14 Permitted Actions Without Identification or Authentication good match
prevent

Limits and authorizes only necessary actions without identification or authentication, preventing unauthenticated access to sensitive configuration and hidden functionality.

AU-13 Monitoring for Information Disclosure good match
detect

Monitors systems for unauthorized attempts to access sensitive configuration data, enabling detection of exploitation of this information disclosure vulnerability.

MITRE ATT&CK Enterprise TechniquesAI

T1082 System Information Discovery Discovery
An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.
attack.mitre.org →
T1602 Data from Configuration Repository Collection
Adversaries may collect data related to managed devices from configuration repositories.
attack.mitre.org →
Why these techniques?

Direct unauthenticated disclosure of device configuration data and hidden functionality enables system information discovery (T1082) and access to configuration repositories (T1602).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Multiple Elber products suffer from an unauthenticated device configuration and client-side hidden functionality disclosure.

Deeper analysisAI

CVE-2025-0675 is an information disclosure vulnerability affecting multiple Elber products, enabling unauthenticated access to device configuration data and client-side hidden functionality. Published on 2025-02-07, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) and is linked to CWE-912 (Hidden Functionality).

Remote attackers require only network access and face low complexity barriers, with no privileges, authentication, or user interaction needed. Successful exploitation allows disclosure of sensitive configuration details and hidden features, resulting in high confidentiality impact without affecting integrity or availability.

The CISA ICS Advisory ICSA-25-035-03 provides details on mitigation strategies and affected products; practitioners should consult https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-03 for patches and remediation guidance.

Details

CWE(s)
CWE-912

Affected Products

Cisa
inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2026-30704Shared CWE-912
CVE-2026-1952Shared CWE-912
CVE-2025-0626Shared CWE-912
CVE-2026-3587Shared CWE-912
CVE-2026-33280Shared CWE-912
CVE-2025-48418Shared CWE-912
CVE-2024-39754Shared CWE-912
CVE-2026-34769Shared CWE-912
CVE-2024-13062Shared CWE-912
CVE-2026-41446Shared CWE-912

References