CNNVD-202512-436 Information
Dec 04, 2025
cve
CNNVD ID
CNNVD-202512-436
Related CVE
- CNNVD Published: 2025-12-04
Description (Chinese)
MAXHUB Pivot client application是MAXHUB公司的一个设备管理平台的客户端组件。 MAXHUB Pivot client application存在授权问题漏洞,该漏洞源于密码重置机制薄弱,可能导致账户接管。
Description (English)
MAXHUB Pilot application is a client component of a MAXHUB equipment management platform. MAXHUB Pilot application has a mandate gap, which stems from weak password replacement mechanisms that may lead to account takeover.
Hazard Level
Medium
Vulnerability Type
授权问题
Affected Vendor
MAXHUB
Published
2025-12-04
Last Modified
2026-02-24
References
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-338-02.json https://www.cisa.gov/news-events/ics-advisories/icsa-25-338-02 https://www.maxhub.com/en/support/
Patch
https://www.maxhub.com/en/support/
Share on: