CVE-2025-1037
published 2025-10-28
CVE-2025-1037: By making minor configuration changes to the TropOS 4th Gen device, an authenticated user with the ability to run user level shell commands can enable access…
Priority: P3 · 42 · high · 7.5 (CVSS 4.0)
EPSS: 0.14% (3.6th percentile)
By making minor configuration changes to the TropOS 4th Gen device, an authenticated user with the ability to run user level shell commands can enable access via secure shell (SSH) to an unrestricted root shell. This is possible through abuse of a particular set of scripts and executables that allow for certain commands to be run as root from an unprivileged context.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hitachi_energy | tropos_4th_gen | 8.7.0.0 – 8.9.6.0 | — |
| msrc | windows_11_version_24h2_for_arm64-based_systems | — | — |
| msrc | windows_server_2025 | — | — |
CVSS provenance
nvd · v4.0 · 7.5 HIGH · CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vendor_redhat · 6.8 MEDIUM
vendor_msrc · 5.5 MEDIUM
GHSA
GHSA-qwm8-rr7r-8h48: By making minor configuration changes to the TropOS 4th Gen device, an authenticated user with the ability to run user level shell commands can enable
ghsa_unreviewed·2025-10-28
CVE-2025-1037 [HIGH] CWE-269 GHSA-qwm8-rr7r-8h48: By making minor configuration changes to the TropOS 4th Gen device, an authenticated user with the ability to run user level shell commands can enable
By making minor configuration changes to the TropOS 4th Gen device, an authenticated user with the ability to run user level shell commands can enable access via secure shell (SSH) to an unrestricted root shell. This is possible through abuse of a particular set of scripts and executables that allow for certain commands to be run as root from an unprivileged context.
Red Hat
kernel: Kernel: Information disclosure via shared microarchitectural predictor state in Intel(R) Processors
vendor_redhat·2026-05-12·CVSS 6.8
CVE-2025-35979 [MEDIUM] CWE-1037 kernel: Kernel: Information disclosure via shared microarchitectural predictor state in Intel(R) Processors
A flaw was found in the kernel. This vulnerability, affecting some Intel(R) Processors, involves shared microarchitectural predictor state that influences transient execution within VMX non-root (guest) operation. An unprivileged software adversary with an authenticated user can exploit this locally to disclose sensitive information. This high-complexity attack requires no user interaction and can lead to significant data exposure.
Statement: This Moderate impact information disclosure flaw affects Intel processors in virtualized environments utilizing VMX non-root (guest) operation. An authenticated, unprivileged local attacker could exploit shared microarchitectural predictor sta
CISA ICS
Hitachi Energy TropOS
cisa_ics·2025-10-30·CVSS 8.7
[HIGH] Hitachi Energy TropOS
ICS Advisory
## Hitachi Energy TropOS
Release Date: October 30, 2025
Alert Code: ICSA-25-303-02
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.7
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Hitachi Energy
- Equipment: TropOS
- Vulnerabilities: OS Command Injection, Improper Privilege Management
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow command injections and privilege escalation.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
Hitachi Energy reports TropOS wireless devices are affected when using the following firmware versions:
- TropOS 4th Gen Firmware: versions 8.9.6.0 and prior (CVE-2025-1036, CVE-2025-1
Microsoft
Windows Secure Kernel Mode Information Disclosure Vulnerability
vendor_msrc·2025-07-08·CVSS 5.5
CVE-2025-48810 [MEDIUM] CWE-1037 Windows Secure Kernel Mode Information Disclosure Vulnerability
Description: Processor optimization removal or modification of security-critical code in Windows Secure Kernel Mode allows an authorized attacker to disclose information locally.
FAQ: What type of information could be disclosed by this vulnerability?
Exploiting this vulnerability could allow the disclosure of certain kernel memory content.
FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), but lead to no loss of availability (A:N) and integrity (I:N)? What does that mean for this vulnerability?
An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacte
Microsoft
Windows Kernel Information Disclosure Vulnerability
vendor_msrc·2025-07-08·CVSS 5.5
CVE-2025-26636 [MEDIUM] CWE-1037 Windows Kernel Information Disclosure Vulnerability
Description: Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally.
FAQ: What type of information could be disclosed by this vulnerability?
Exploiting this vulnerability could allow the disclosure of certain kernel memory content.
Windows Kernel: Windows Kernel
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Information Disclosure
Exploit Status: Publicly Disclosed: No; Exploited: No; Latest Software Release: Exploitation Less Likely
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5062553
Reference: https://support.microsoft.com/help/5062553
Microsoft
Windows Secure Kernel Mode Information Disclosure Vulnerability
vendor_msrc·2025-07-08·CVSS 5.5
CVE-2025-48809 [MEDIUM] CWE-1037 Windows Secure Kernel Mode Information Disclosure Vulnerability
Description: Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally.
FAQ: What type of information could be disclosed by this vulnerability?
Exploiting this vulnerability could allow the disclosure of certain kernel memory content.
Windows Kernel: Windows Kernel
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Information Disclosure
Exploit Status: Publicly Disclosed: No; Exploited: No; Latest Software Release: Exploitation Less Likely
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5062553
Reference: https://support.microsoft.com/help/5062553
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2025-10-28