CVE-2025-3590

MEDIUM EPSS 25.1%

Published Apr 14, 20251y ago · Modified Jun 17, 20261w ago

5.3 CVSS 4.0

Medium

Published Apr 14, 2025 1y ago

Last Modified Jun 17, 2026 1w ago

Description

A vulnerability has been found in Adianti Framework up to 8.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 8.1 is able to address this issue. It is recommended to upgrade the affected component.

CVSS Details

Base Score

5.3

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector Network

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope X

Threat Intelligence

EPSS Exploit Probability

25.1% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 2

CWE-20 Improper Input Validation Validation

CWE-502 Deserialization of Untrusted Data Validation

References 4

gist.github.com https://gist.github.com/mcdruid/8412cfb55f443a1344ff41af0ce1b215
vuldb.com https://vuldb.com/?ctiid.304645
vuldb.com https://vuldb.com/?id.304645
vuldb.com https://vuldb.com/?submit.550296

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.