Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for AC1.2 by Auma

    CVE-2025-41657 (GCVE-0-2025-41657)

    Vulnerability from nvd – Published: 2025-06-10 10:46 – Updated: 2025-06-10 14:25
    VLAI
    Title
    AUMA: Incorrect delivery status of the Bluetooth configuration
    Summary
    Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-207 - Observable Behavioral Discrepancy With Equivalent Products
    Assigner
    References
    Impacted products
    Vendor Product Version
    Auma AC1.2 Affected: 01.01.2024 , < 09.05.2025 (semver)
    Create a notification for this product.
    Auma PROFOX Affected: 01.01.2024 , < 09.05.2025 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-41657",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-10T14:25:31.913039Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-10T14:25:52.710Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AC1.2",
              "vendor": "Auma",
              "versions": [
                {
                  "lessThan": "09.05.2025",
                  "status": "affected",
                  "version": "01.01.2024",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "PROFOX",
              "vendor": "Auma",
              "versions": [
                {
                  "lessThan": "09.05.2025",
                  "status": "affected",
                  "version": "01.01.2024",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker."
                }
              ],
              "value": "Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-207",
                  "description": "CWE-207 Observable Behavioral Discrepancy With Equivalent Products",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-10T10:46:30.034Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://certvde.com/en/advisories/VDE-2025-047"
            }
          ],
          "source": {
            "advisory": "VDE-2025-047",
            "defect": [
              "CERT@VDE#641788"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "AUMA: Incorrect delivery status of the Bluetooth configuration",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2025-41657",
        "datePublished": "2025-06-10T10:46:30.034Z",
        "dateReserved": "2025-04-16T11:17:48.306Z",
        "dateUpdated": "2025-06-10T14:25:52.710Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-41657 (GCVE-0-2025-41657)

    Vulnerability from cvelistv5 – Published: 2025-06-10 10:46 – Updated: 2025-06-10 14:25
    VLAI
    Title
    AUMA: Incorrect delivery status of the Bluetooth configuration
    Summary
    Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-207 - Observable Behavioral Discrepancy With Equivalent Products
    Assigner
    References
    Impacted products
    Vendor Product Version
    Auma AC1.2 Affected: 01.01.2024 , < 09.05.2025 (semver)
    Create a notification for this product.
    Auma PROFOX Affected: 01.01.2024 , < 09.05.2025 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-41657",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-10T14:25:31.913039Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-10T14:25:52.710Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AC1.2",
              "vendor": "Auma",
              "versions": [
                {
                  "lessThan": "09.05.2025",
                  "status": "affected",
                  "version": "01.01.2024",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "PROFOX",
              "vendor": "Auma",
              "versions": [
                {
                  "lessThan": "09.05.2025",
                  "status": "affected",
                  "version": "01.01.2024",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker."
                }
              ],
              "value": "Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-207",
                  "description": "CWE-207 Observable Behavioral Discrepancy With Equivalent Products",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-10T10:46:30.034Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://certvde.com/en/advisories/VDE-2025-047"
            }
          ],
          "source": {
            "advisory": "VDE-2025-047",
            "defect": [
              "CERT@VDE#641788"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "AUMA: Incorrect delivery status of the Bluetooth configuration",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2025-41657",
        "datePublished": "2025-06-10T10:46:30.034Z",
        "dateReserved": "2025-04-16T11:17:48.306Z",
        "dateUpdated": "2025-06-10T14:25:52.710Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }