Lucene search
+L

8 matches found

nvd
nvd
added 2026/01/22 1:15 a.m.9 views

CVE-2025-27377

Altium Designer version 24.9.0 does not validate self-signed server certificates for cloud connections. An attacker capable of performing a man-in-the-middle MITM attack could exploit this issue to intercept or manipulate network traffic, potentially exposing authentication credentials or sensiti...

5.3CVSS0.00174EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/01/22 12:16 a.m.4 views

CVE-2025-27377

Altium Designer version 24.9.0 does not validate self-signed server certificates for cloud connections. An attacker capable of performing a man-in-the-middle MITM attack could exploit this issue to intercept or manipulate network traffic, potentially exposing authentication credentials or sensiti...

5.3CVSS5.4AI score0.00174EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/01/22 12:16 a.m.4 views

CVE-2025-27377 Missing Validation of Self-Signed Certificates in Altium Designer Allows Man-in-the-Middle Attacks

Altium Designer version 24.9.0 does not validate self-signed server certificates for cloud connections. An attacker capable of performing a man-in-the-middle MITM attack could exploit this issue to intercept or manipulate network traffic, potentially exposing authentication credentials or sensiti...

5.3CVSS5.5AI score0.00174EPSS
Exploits0References1
cvelist
cvelist
added 2026/01/22 12:16 a.m.29 views

CVE-2025-27377 Missing Validation of Self-Signed Certificates in Altium Designer Allows Man-in-the-Middle Attacks

Altium Designer version 24.9.0 does not validate self-signed server certificates for cloud connections. An attacker capable of performing a man-in-the-middle MITM attack could exploit this issue to intercept or manipulate network traffic, potentially exposing authentication credentials or sensiti...

5.3CVSS0.00174EPSS
Exploits0References1
cve
cve
added 2026/01/22 12:16 a.m.16 views

CVE-2025-27377

CVE-2025-27377 concerns Altium Designer 24.9.0, where self-signed server certificates are not validated for cloud connections. The root cause is improper certificate validation, enabling a potential MITM attacker to intercept or manipulate network traffic and possibly expose authentication creden...

5.3CVSS5.5AI score0.00174EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2026/01/22 12:0 a.m.11 views

Altium Designer security vulnerabilities

Altium Designer is an electronic design automation software developed by Altium Corporation in the United States. Version 24.9.0 of Altium Designer contains a security vulnerability. This vulnerability stems from unverified self-signed server certificates connected to the cloud, which may lead to...

5.3CVSS5.8AI score0.00174EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/01/22 12:0 a.m.7 views

PT-2026-3895

A stored cross-site scripting XSS vulnerability in the BOM Viewer in Altium AES 7.0.3 allows an authenticated attacker to inject arbitrary JavaScript into the Description field of a schematic, which is executed when the BOM Viewer renders the affected content...

6.8CVSS5.3AI score0.00201EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/01/22 12:0 a.m.18 views

PT-2026-3884

Altium Designer version 24.9.0 does not validate self-signed server certificates for cloud connections. An attacker capable of performing a man-in-the-middle MITM attack could exploit this issue to intercept or manipulate network traffic, potentially exposing authentication credentials or sensiti...

5.3CVSS5.5AI score0.00174EPSS
Exploits0References2
Rows per page
Query Builder