CNNVD-202511-2859 Information

CNNVD ID

CNNVD-202511-2859

Related CVE

CVE-2025-64129

• CNNVD Published: 2025-11-26

Description (Chinese)

Zenitel TCIV-3+是挪威Zenitel公司的一个IP对讲终端。 Zenitel TCIV-3+存在缓冲区错误漏洞，该漏洞源于越界写入，可能导致远程攻击者使设备崩溃。

Description (English)

Zenitel TCIV-3+ is an IP chat terminal for Zenitel, Norway. Zenitel TCIV-3+ has an error loophole in the buffer zone, which stems from cross-border writing and could lead to a breakdown of equipment by remote attackers.

Hazard Level

Medium

Vulnerability Type

缓冲区错误

Affected Vendor

Zenitel

Published

2025-11-26

Last Modified

2026-02-24

References

https://wiki.zenitel.com/wiki/Downloads#Station_and_Device_Firmware_Package_.28VS-IS.29 https://www.cisa.gov/news-events/ics-advisories/icsa-25-329-03 https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-329-03.json https://access.redhat.com/security/cve/cve-2025-64129

Patch

https://wiki.zenitel.com/wiki/Downloads#Station_and_Device_Firmware_Package_.28VS-IS.29