CNNVD-202512-1229 Information

Dec 09, 2025 cve

CNNVD ID

CNNVD-202512-1229

CVE-2025-34414

  • CNNVD Published: 2025-12-09

Description (Chinese)

Entrust Instant Financial Issuance(Entrust Cardwizard)是美国Entrust公司的一个即时金融卡发行解决方案。 Entrust Instant Financial Issuance 5.x版本、6.10.5之前版本和6.11.1之前版本存在代码问题漏洞,该漏洞源于.NET Remoting服务不安全配置,可能导致任意文件读取和远程代码执行。

Description (English)

Entrust Instant Financial Insurance (Entrust Cardwizard) is an immediate financial card issuance solution for the United States company Entrust. Entrust Instant Financial Insurance 5.x, 6.10.5 and 6.11.1 have code gaps that stem from the unsafe configuration of …NET Remoting services, which may lead to any file reading and remote code execution.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Entrust

Published

2025-12-09

Last Modified

2026-02-24

References

https://www.entrust.com/knowledgebase https://trustedcare.entrust.com/s/article/E25-008-NET-Remoting-Vulnerabilities-in-Instant-Financial-Issuance-On-Premise-Software https://www.vulncheck.com/advisories/entrust-ifi-legacy-remoting-unauthenticated-net-remoting-exposure https://www.entrust.com/products/issuance-systems/instant/financial-card https://access.redhat.com/security/cve/cve-2025-34414

Share on: