Main Vulnerability Database Vulnerabilities #VU113774

#VU113774 Cleartext transmission of sensitive information in EG4 Electronics products - CVE-2025-52586

Published: August 8, 2025

Vulnerability identifier: #VU113774

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-52586

CWE-ID: CWE-319

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
EG4 12kPV
EG4 18kPV
EG4 Flex 21
EG4 Flex 18
EG4 6000XP
EG4 12000XP
EG4 GridBoss

Software vendor:
EG4 Electronics

Description

The vulnerability allows a local attacker to gain access to sensitive information.

The vulnerability exists due to software uses insecure communication channel to transmit sensitive information. A local attacker with ability to intercept network traffic can intercept, manipulate, replay, or forge critical data.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-07

#VU113774 Cleartext transmission of sensitive information in EG4 Electronics products - CVE-2025-52586

Description

Remediation

External links

Please verify you're human