CNNVD-202509-2312 Information

Sep 16, 2025 cve

CNNVD ID

CNNVD-202509-2312

CVE-2025-34187

CNNVD Published: 2025-09-16

Description (Chinese)

Ilevia EVE X1 Server和Ilevia EVE X5 Server都是意大利Ilevia公司的一款智能家居与楼宇自动化。 Ilevia EVE X1 Server和Ilevia EVE X5 Server 4.7.18.0.eden及之前版本存在安全漏洞，该漏洞源于sudoers文件配置不当，可能导致远程权限提升和系统破解。

Description (English)

Ilevia EVE X1 Server and Ilevia EVE X5 Server are both intelligent homes and buildings automated by the Italian company Ilevia. Ilevia EVE X1 Server and Ilevia EVE X5 Server 4.7.18.0.eden and previous versions had a security loophole, which stemmed from the inappropriate configuration of the sudoers files, which could lead to remote privileges enhancement and system breakdown.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Ilevia

Published

2025-09-16

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/ilevia-eve-x1-x5-server-reverse-rootshell https://packetstorm.news/files/id/209226/ https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5959.php https://www.ilevia.com/ https://access.redhat.com/security/cve/cve-2025-34187

Share on: