#VU113776 Observable discrepancy in EG4 Electronics products - CVE-2025-47872
Published: August 8, 2025
Vulnerability identifier: #VU113776
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-47872
CWE-ID: CWE-203
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
EG4 12kPV
EG4 18kPV
EG4 Flex 21
EG4 Flex 18
EG4 6000XP
EG4 12000XP
EG4 GridBoss
EG4 12kPV
EG4 18kPV
EG4 Flex 21
EG4 Flex 18
EG4 6000XP
EG4 12000XP
EG4 GridBoss
Software vendor:
EG4 Electronics
EG4 Electronics
Description
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to observable discrepancy. A remote attacker can gain information on the product registration status of different S/Ns.
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.