CVE-2025-14097

HIGH
中文标题:
(暂无数据)
英文标题:
Remote Code Execution Vulnerability in Radiometer Products
CVSS分数: 7.2
发布时间: 2025-12-17 12:36:03
漏洞类型: (暂无数据)
状态: PUBLISHED
数据质量分数: 0.40
数据版本: v2
漏洞描述
中文描述:

(暂无数据)

英文描述:

A vulnerability in the application software of multiple Radiometer products may allow remote code execution and unauthorized device management when specific internal conditions are met. Exploitation requires that a remote connection is established with additional information obtained through other means. The issue is caused by a weakness in the analyzer’s application software.                                                                                                                                                                                                Other related CVE's are CVE-2025-14095 & CVE-2025-14096.                                                                                                      Affected customers have been informed about this vulnerability. This CVE is being published to provide transparency. Required Configuration for Exposure: Affected application software version is in use and remote support feature is enabled in the analyzer.                                                                                                                                                                        Temporary work Around: If the network is not considered secure, please remove the analyzer from the network.                         Permanent solution: Customers should ensure the following: • The network is secure, and access follows best practices. Local Radiometer representatives will contact all affected customers to discuss a permanent solution.                                                      Exploit Status: Researchers have provided working proof-of-concept (PoC). Radiometer is not aware of any publicly available exploits at the time of this publication.

CWE类型:
CWE-287
标签:
(暂无数据)
受影响产品
厂商 产品 版本 版本范围 平台 CPE
Radiometer Medical Aps ABL90 FLEX and ABL90 FLEX PLUS Analyzers Application software versions < 3.5MR11 with Windows 7, Windows XP operating systems - - cpe:2.3:a:radiometer_medical_aps:abl90_flex_and_abl90_flex_plus_analyzers:application_software_versions_<_3.5mr11_with_windows_7,_windows_xp_operating_systems:*:*:*:*:*:*:*
Radiometer Medical Aps ABL800 BASIC and ABL800 FLEX Analyzers Application software versions < 6.20MR2 with Windows 7, Windows XP operating systems - - cpe:2.3:a:radiometer_medical_aps:abl800_basic_and_abl800_flex_analyzers:application_software_versions_<_6.20mr2_with_windows_7,_windows_xp_operating_systems:*:*:*:*:*:*:*
Radiometer Medical Aps AQT90 FLEX Analyzers Application software versions <= 8.13 MR2 with Windows 7, Windows XP operating systems - - cpe:2.3:a:radiometer_medical_aps:aqt90_flex_analyzers:application_software_versions_<=_8.13_mr2_with_windows_7,_windows_xp_operating_systems:*:*:*:*:*:*:*
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
无标题 OTHER
cve.org
访问
CVSS评分详情
3.1 (cna)
HIGH
7.2
CVSS向量: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
机密性
HIGH
完整性
HIGH
可用性
HIGH
时间信息
发布时间:
2025-12-17 12:36:03
修改时间:
2025-12-17 14:41:13
创建时间:
2026-01-12 02:11:06
更新时间:
2026-01-12 02:27:30
利用信息
暂无可利用代码信息
数据源详情
数据源 记录ID 版本 提取时间
CVE cve_CVE-2025-14097 2025-12-19 03:24:32 2026-01-12 02:11:06
NVD nvd_CVE-2025-14097 2025-12-19 03:25:39 2026-01-12 02:27:30
版本与语言
当前版本: v2
主要语言: EN
支持语言:
EN
安全公告
暂无安全公告信息
变更历史
v2 NVD
2026-01-12 02:27:30
data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
  • data_sources: ['cve'] -> ['cve', 'nvd']