Vulnerability Description
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Request Forgery (CSRF) vulnerability which, if exploited, can lead to unauthorized modification of certain information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ericsson | Indoor Connect 8855 Firmware | < 2025.q3 |
| Ericsson | Indoor Connect 8855 | - |
Related Weaknesses (CWE)
References
- https://www.ericsson.com/en/about-us/security/psirt/CVE-2025-40841Vendor Advisory
- https://www.ericsson.com/en/about-us/security/psirt/security-bulletin-indoorconnVendor Advisory
FAQ
What is CVE-2025-40841?
CVE-2025-40841 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Request Forgery (CSRF) vulnerability which, if exploited, can lead to unauthorized modification of certain information.
How severe is CVE-2025-40841?
CVE-2025-40841 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-40841?
Check the references section above for vendor advisories and patch information. Affected products include: Ericsson Indoor Connect 8855 Firmware, Ericsson Indoor Connect 8855.