Delta Electronics COMMGR (Update A)

🗓️ 15 Apr 2025 06:00:00Reported by Industrial Control Systems Cyber Emergency Response TeamType

ics

ics🔗 www.cisa.gov👁 16 Views

Vulnerability allows remote access to AS3000Simulator software and code execution risks identified.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2025-3495	15 Apr 202510:00	–	circl
CNNVD	Delta Electronics COMMGR 安全漏洞	16 Apr 202500:00	–	cnnvd
CNVD	Delta Electronics COMMGR Code Execution Vulnerability	22 Apr 202500:00	–	cnvd
CVE	CVE-2025-3495	16 Apr 202503:10	–	cve
Cvelist	CVE-2025-3495 COMMGR - Insufficient Randomization Authentication Bypass	16 Apr 202503:10	–	cvelist
EUVD	EUVD-2025-11466	3 Oct 202520:07	–	euvd
NVD	CVE-2025-3495	16 Apr 202503:15	–	nvd
Positive Technologies	PT-2025-16552 · Delta Electronics · Commgr	15 Apr 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-3495	18 Apr 202503:58	–	redhatcve
Vulnrichment	CVE-2025-3495 COMMGR - Insufficient Randomization Authentication Bypass	16 Apr 202503:10	–	vulnrichment

Source	Link
raw	www.raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-105-07.json
cisa	www.cisa.gov/news-events/ics-advisories/icsa-25-105-07
cisa	www.cisa.gov/resources-tools/resources/ics-recommended-practices
cisa	www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf
cisa	www.cisa.gov/topics/industrial-control-systems
cisa	www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01
us-cert	www.us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf
cisa	www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B
cisa	www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf
cisa	www.cisa.gov/uscert/ncas/tips/ST04-014

15 Apr 2025 06:00Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.19.8

EPSS0.00435

SSVC

remote access code execution risk evaluation defensive measures cybersecurity strategies session ids