CVE-2025-26473

High

Published: 13 February 2025

Published

13 February 2025

Modified

19 March 2025

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score 0.0022 43.9th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-26473 is a high-severity Use of GET Request Method With Sensitive Query Strings (CWE-598) vulnerability in Outbackpower Mojave Inverter Oghi8048A Firmware. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Network Sniffing (T1040); ranked at the 43.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-8 (Transmission Confidentiality and Integrity) and AU-13 (Monitoring for Information Disclosure).

Threat & Defense at a Glance

What attackers do: exploitation maps to Network Sniffing (T1040). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SC-8 Transmission Confidentiality and Integrity good match

prevent

Requires cryptographic protection of transmitted information, directly preventing interception of sensitive data exposed in HTTP GET query strings.

SC-7 Boundary Protection partial match

prevent

Monitors and controls communications at system boundaries, limiting network access required by remote attackers to intercept GET requests.

AU-13 Monitoring for Information Disclosure partial match

detect

Monitors for unauthorized disclosure of sensitive information, enabling detection of exploitation involving GET parameter interception.

MITRE ATT&CK Enterprise TechniquesAI

T1040 Network Sniffing Credential Access

Adversaries may passively sniff network traffic to capture information about an environment, including authentication material passed over the network.

attack.mitre.org →

Why these techniques?

The vulnerability allows remote attackers to intercept or directly access HTTP GET requests containing sensitive information in query strings (CWE-598), directly enabling network sniffing to capture the exposed data.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

The Mojave Inverter uses the GET method for sensitive information.

Deeper analysisAI

CVE-2025-26473 is a vulnerability in the Mojave Inverter, where the device uses the GET method to transmit sensitive information, corresponding to CWE-598. This issue was published on 2025-02-13 and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), highlighting high confidentiality impact with no integrity or availability disruption.

Remote attackers require only network access to exploit this vulnerability, with no privileges, user interaction, or special conditions needed. Exploitation involves intercepting or directly accessing HTTP GET requests, allowing retrieval of sensitive information embedded in query strings.

The CISA advisory ICSA-25-044-17 provides details on mitigation steps for this vulnerability. Additional vendor contact information is available via Outback Power at the referenced support page.