
CVE-2025-26473

High

Published: 13 February 2025

Modified: 19 March 2025
KEV Added:
Patch:
CVSS Score v4: 8.7 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0045 (63.9th percentile)
Risk Priority: 18 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-26473 is a high-severity Use of HTTP Request With Sensitive Query String (CWE-598) vulnerability in Outbackpower Mojave Inverter Oghi8048A Firmware. Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Network Sniffing (T1040). The CVE ranks in the top 36.1% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-8 (Transmission Confidentiality and Integrity) and AU-13 (Monitoring for Information Disclosure).

Deeper analysis

CVE-2025-26473 is a vulnerability in the Mojave Inverter, where the device uses the GET method to transmit sensitive information, corresponding to CWE-598. This issue was published on 2025-02-13 and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), highlighting high confidentiality impact with no integrity or availability disruption.

Remote attackers require only network access to exploit this vulnerability, with no privileges, user interaction, or special conditions needed. Exploitation involves intercepting or directly accessing HTTP GET requests, allowing retrieval of sensitive information embedded in query strings.

The CISA advisory ICSA-25-044-17 provides details on mitigation steps for this vulnerability. Additional vendor contact information is available via Outback Power at the referenced support page.


Vulnerability details

The Mojave Inverter uses the GET method for sensitive information.

CWE(s): CWE-598

Related Threats

MITRE ATT&CK Enterprise Techniques

T1040: Network Sniffing (Credential Access)
Adversaries may passively sniff network traffic to capture information about an environment, including authentication material passed over the network.

Why these techniques?

The vulnerability allows remote attackers to intercept or directly access HTTP GET requests containing sensitive information in query strings (CWE-598), directly enabling network sniffing to capture the exposed data.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-24861: Same product: Outbackpower Mojave Inverter Oghi8048A
CVE-2025-25281: Same product: Outbackpower Mojave Inverter Oghi8048A
CVE-2026-34020: Shared CWE-598
CVE-2021-41719: Shared CWE-598
CVE-2025-69270: Shared CWE-598
CVE-2026-25118: Shared CWE-598
CVE-2025-41772: Shared CWE-598
CVE-2026-22644: Shared CWE-598
CVE-2026-23846: Shared CWE-598
CVE-2025-13219: Shared CWE-598

Affected Assets

outbackpower
mojave inverter oghi8048a firmware
all versions

Mitigating Controls (NIST 800-53 r5)

prevent: Requires cryptographic protection of transmitted information, directly preventing interception of sensitive data exposed in HTTP GET query strings.

prevent: Monitors and controls communications at system boundaries, limiting network access required by remote attackers to intercept GET requests.

detect: Monitors for unauthorized disclosure of sensitive information, enabling detection of exploitation involving GET parameter interception.
