Vulnerability Description
A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interface and, without authentication, user interaction, or execution conditions, gain unauthorized access to internal debug functionality. Exploitation is low complexity and allows an attacker to execute privileged operations and access sensitive system resources, resulting in a high impact to the confidentiality, integrity, and availability of the affected device. No security impact to external or dependent systems has been identified.
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-15017?
CVE-2025-15017 is a documented vulnerability. A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interface...
How severe is CVE-2025-15017?
CVSS scoring is not yet available for CVE-2025-15017. Check NVD for updates.
Is there a patch for CVE-2025-15017?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.