CVE-2025-48463 — LOW (3.1) — White Hats Nepal

Vulnerability Description

Successful exploitation of the vulnerability could allow an attacker to intercept data and conduct session hijacking on the exposed data as the vulnerable product uses unencrypted HTTP communication, potentially leading to unauthorised access or data tampering.

CVSS Score

3.1

LOW

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Advantech	Wise-4060Lan Firmware	-
Advantech	Wise-4060Lan	-
Advantech	Wise-4050Lan Firmware	-
Advantech	Wise-4050Lan	-
Advantech	Wise-4010Lan Firmware	-
Advantech	Wise-4010Lan	-

Related Weaknesses (CWE)

CWE-312

References

https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061Third Party Advisory

FAQ

What is CVE-2025-48463?

CVE-2025-48463 is a vulnerability with a CVSS score of 3.1 (LOW). Successful exploitation of the vulnerability could allow an attacker to intercept data and conduct session hijacking on the exposed data as the vulnerable product uses unencrypted HTTP communication, ...

How severe is CVE-2025-48463?

CVE-2025-48463 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-48463?

Check the references section above for vendor advisories and patch information. Affected products include: Advantech Wise-4060Lan Firmware, Advantech Wise-4060Lan, Advantech Wise-4050Lan Firmware, Advantech Wise-4050Lan, Advantech Wise-4010Lan Firmware.