Vulnerability Description
Ericsson Indoor Connect 8855 contains an improper input validation vulnerability which if exploited can allow an attacker to execute commands with escalated privileges.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ericsson | Indoor Connect 8855 Firmware | < 2025.q2 |
| Ericsson | Indoor Connect 8855 | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-40836?
CVE-2025-40836 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Ericsson Indoor Connect 8855 contains an improper input validation vulnerability which if exploited can allow an attacker to execute commands with escalated privileges.
How severe is CVE-2025-40836?
CVE-2025-40836 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-40836?
Check the references section above for vendor advisories and patch information. Affected products include: Ericsson Indoor Connect 8855 Firmware, Ericsson Indoor Connect 8855.