4 matches found
CVE-2025-7770
Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. The session IDs are generated using a predictable method based on the current timestamp, allowing attackers to recreate valid session IDs. When combined with the ability to circumvent session ID...
CVE-2025-7770
CVE-2025-7770 affects Tigo Energy Cloud Connect Advanced (CCA). The vulnerability is insecure session ID generation in the remote API, where session IDs are produced by a predictable method based on the current timestamp, enabling attackers to recreate valid session IDs. Combined with bypassing s...
CVE-2025-7770 Predictable Seed in Pseudo-Random Number Generator (PRNG) in Tigo Energy Cloud Connect Advanced
Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. The session IDs are generated using a predictable method based on the current timestamp, allowing attackers to recreate valid session IDs. When combined with the ability to circumvent session ID...
CVE-2025-7770
creationtimestamp| type| source ---|---|--- 2025-08-05 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-217-02 2025-08-05 16:06:34+00:00| seen| https://bsky.app/profile/pigondrugs.bsky.social/post/3lvo3obrv5y2b 2025-08-06 23:50:35+00:00| seen|...