CVE-2025-21073
3 documents3 sources
Severity
4.1MEDIUM
EPSS
0.0%
top 97.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 5
Description
Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privileged physical attackers to access user data. User interaction is required for triggering this vulnerability.
CVSS vector
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 1.6 | Impact: 5.2
Affected Packages1 packages
🔴Vulnerability Details
2CVEList▶
CVE-2025-21073: Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privileged physical attackers to access user data↗2025-11-05
GHSA▶
GHSA-9r3j-gc74-fvx7: Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privileged physical attackers to access user data↗2025-11-05