CVE-2025-67159
Published: 02 January 2026
Summary
CVE-2025-67159 is a high-severity Cleartext Transmission of Sensitive Information (CWE-319) vulnerability in Vatilon Pa4 Firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Network Sniffing (T1040); ranked at the 3.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SC-13 (Cryptographic Protection) and SC-8 (Transmission Confidentiality and Integrity).
Deeper analysis
CVE-2025-67159, published on 2026-01-02, affects Vatilon version v1.12.37-20240124. The vulnerability consists of the software transmitting user credentials in plaintext, mapped to CWE-319 (Cleartext Transmission of Sensitive Information). It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), reflecting high severity primarily from confidentiality impact.
The vulnerability can be exploited by any network-adjacent attacker with the ability to intercept traffic, requiring no privileges, user interaction, or special conditions due to low attack complexity and network accessibility. Exploitation enables the attacker to capture plaintext user credentials, resulting in high-impact disclosure of sensitive authentication data without affecting integrity or availability.
Mitigation details are available in advisories referenced at http://vatilon.com and https://github.com/Remenis/CVE-2025-67159.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-0045
Vulnerability details
Vatilon v1.12.37-20240124 was discovered to transmit user credentials in plaintext.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Cleartext credential transmission (CWE-319) directly enables network sniffing to capture authentication data in transit.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Requires protection of transmitted information confidentiality using cryptographic mechanisms, directly preventing plaintext credential interception by network attackers.
Mandates use of compliant cryptographic modules and standards to implement transmission protections, ensuring credentials are not sent in plaintext.
Requires management and protection of authenticators from unauthorized disclosure, including secure transmission methods to mitigate plaintext credential exposure.