CVE-2025-1037

Vulnerability Description

By making minor configuration changes to the TropOS 4th Gen device, an authenticated user with the ability to run user level shell commands can enable access via secure shell (SSH) to an unrestricted root shell. This is possible through abuse of a particular set of scripts and executables that allow for certain commands to be run as root from an unprivileged context.

Related Weaknesses (CWE)

CWE-269

References

https://publisher.hitachienergy.com/preview?DocumentID=8DBD000214&LanguageCode=e

FAQ

What is CVE-2025-1037?

CVE-2025-1037 is a documented vulnerability. By making minor configuration changes to the TropOS 4th Gen device, an authenticated user with the ability to run user level shell commands can enable access via secure shell (SSH) to an unrestricted ...

How severe is CVE-2025-1037?

CVSS scoring is not yet available for CVE-2025-1037. Check NVD for updates.

Is there a patch for CVE-2025-1037?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.