Observable discrepancy in EG4 Electronics products - CVE-2025-47872
Published: August 8, 2025
Vulnerability identifier: #VU113776
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-47872
CWE-ID: CWE-203
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: EG4 Electronics
Affected software:
EG4 12kPV
EG4 18kPV
EG4 Flex 21
EG4 Flex 18
EG4 6000XP
EG4 12000XP
EG4 GridBoss
EG4 12kPV
EG4 18kPV
EG4 Flex 21
EG4 Flex 18
EG4 6000XP
EG4 12000XP
EG4 GridBoss
Detailed vulnerability description
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to observable discrepancy. A remote attacker can gain information on the product registration status of different S/Ns.
How to mitigate CVE-2025-47872
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.