CVE-2025-47419 Information
May 07, 2025
cve
Description
Cleartext Transmission of Sensitive Information vulnerability in Crestron Automate VX allows Sniffing Network Traffic.
The device allows Web UI and API access over non-secure network ports which exposes sensitive information such as user passwords.
This issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49.
Reference
https://security.crestron.com/ https://www.crestron.com/release_notes/automate_vx_6.4.1.8_release_notes.pdf https://www.crestron.com/Software-Firmware/Software/Automate-VX-Software/6-4-1-8
Share on: