Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for LM-200 (for module EC25-J) by iND Co.,Ltd

    CVE-2025-53508 (GCVE-0-2025-53508)

    Vulnerability from nvd – Published: 2025-08-29 04:14 – Updated: 2025-08-29 12:04
    VLAI
    Summary
    Multiple products provided by iND Co.,Ltd contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed and sensitive information may be obtained. As for the details of affected product names and versions, refer to the information under [Product Status].
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper neutralization of special elements used in an OS command ('OS Command Injection')
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-53508",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-29T12:04:26.201302Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-29T12:04:32.453Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HL330-DLS (for module MC7700)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.03 and earlier"
                }
              ]
            },
            {
              "product": "HL330-DLS (for module MC7330)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 2.02t and earlier"
                }
              ]
            },
            {
              "product": "HL320-DLS (for module MC7700)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.03 and earlier"
                }
              ]
            },
            {
              "product": "HL320-DLS (for module MC7330)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 2.02t and earlier"
                }
              ]
            },
            {
              "product": "LM-100",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.02 and earlier"
                }
              ]
            },
            {
              "product": "LM-200 (for module AMP570)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.02 and earlier"
                }
              ]
            },
            {
              "product": "LM-200 (for module EC25-J)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.05e and earlier"
                }
              ]
            },
            {
              "product": "L2X Assist",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 2.01 and earlier"
                }
              ]
            },
            {
              "product": "L2X Assist-RS-A",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.11 and earlier"
                }
              ]
            },
            {
              "product": "L2X Assist-RS-E",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.12 and earlier"
                }
              ]
            },
            {
              "product": "F2L Assist-SS-A",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.03 and earlier"
                }
              ]
            },
            {
              "product": "F2L Assist-SS-E",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.01 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple products provided by iND Co.,Ltd contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed and sensitive information may be obtained. As for the details of affected product names and versions, refer to the information under [Product Status]."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027)",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-29T04:14:39.074Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.i-netd.co.jp/vulnerability/dceid-2025-001/"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN50585992/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-53508",
        "datePublished": "2025-08-29T04:14:39.074Z",
        "dateReserved": "2025-07-02T00:52:40.812Z",
        "dateUpdated": "2025-08-29T12:04:32.453Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-53507 (GCVE-0-2025-53507)

    Vulnerability from nvd – Published: 2025-08-29 04:13 – Updated: 2025-08-29 12:05
    VLAI
    Summary
    Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information vulnerability. If exploited, configuration information, such as admin password, may be disclosed. As for the details of affected product names and versions, refer to the information under [Product Status].
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-922 - Insecure storage of sensitive information
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-53507",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-29T12:05:21.370891Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-29T12:05:32.544Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HL330-DLS (for module MC7700)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.03 and earlier"
                }
              ]
            },
            {
              "product": "HL330-DLS (for module MC7330)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 2.02t and earlier"
                }
              ]
            },
            {
              "product": "HL320-DLS (for module MC7700)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.03 and earlier"
                }
              ]
            },
            {
              "product": "HL320-DLS (for module MC7330)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 2.02t and earlier"
                }
              ]
            },
            {
              "product": "LM-100",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.02 and earlier"
                }
              ]
            },
            {
              "product": "LM-200 (for module AMP570)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.02 and earlier"
                }
              ]
            },
            {
              "product": "LM-200 (for module EC25-J)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.05e and earlier"
                }
              ]
            },
            {
              "product": "L2X Assist",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 2.01 and earlier"
                }
              ]
            },
            {
              "product": "L2X Assist-RS-A",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.11 and earlier"
                }
              ]
            },
            {
              "product": "L2X Assist-RS-E",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.12 and earlier"
                }
              ]
            },
            {
              "product": "F2L Assist-SS-A",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.03 and earlier"
                }
              ]
            },
            {
              "product": "F2L Assist-SS-E",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.01 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information vulnerability. If exploited, configuration information, such as admin password, may be disclosed. As for the details of affected product names and versions, refer to the information under [Product Status]."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-922",
                  "description": "Insecure storage of sensitive information",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-29T04:13:58.310Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.i-netd.co.jp/vulnerability/dceid-2025-001/"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN50585992/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-53507",
        "datePublished": "2025-08-29T04:13:58.310Z",
        "dateReserved": "2025-07-02T00:52:40.811Z",
        "dateUpdated": "2025-08-29T12:05:32.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-53508 (GCVE-0-2025-53508)

    Vulnerability from cvelistv5 – Published: 2025-08-29 04:14 – Updated: 2025-08-29 12:04
    VLAI
    Summary
    Multiple products provided by iND Co.,Ltd contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed and sensitive information may be obtained. As for the details of affected product names and versions, refer to the information under [Product Status].
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper neutralization of special elements used in an OS command ('OS Command Injection')
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-53508",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-29T12:04:26.201302Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-29T12:04:32.453Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HL330-DLS (for module MC7700)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.03 and earlier"
                }
              ]
            },
            {
              "product": "HL330-DLS (for module MC7330)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 2.02t and earlier"
                }
              ]
            },
            {
              "product": "HL320-DLS (for module MC7700)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.03 and earlier"
                }
              ]
            },
            {
              "product": "HL320-DLS (for module MC7330)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 2.02t and earlier"
                }
              ]
            },
            {
              "product": "LM-100",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.02 and earlier"
                }
              ]
            },
            {
              "product": "LM-200 (for module AMP570)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.02 and earlier"
                }
              ]
            },
            {
              "product": "LM-200 (for module EC25-J)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.05e and earlier"
                }
              ]
            },
            {
              "product": "L2X Assist",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 2.01 and earlier"
                }
              ]
            },
            {
              "product": "L2X Assist-RS-A",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.11 and earlier"
                }
              ]
            },
            {
              "product": "L2X Assist-RS-E",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.12 and earlier"
                }
              ]
            },
            {
              "product": "F2L Assist-SS-A",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.03 and earlier"
                }
              ]
            },
            {
              "product": "F2L Assist-SS-E",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.01 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple products provided by iND Co.,Ltd contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed and sensitive information may be obtained. As for the details of affected product names and versions, refer to the information under [Product Status]."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027)",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-29T04:14:39.074Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.i-netd.co.jp/vulnerability/dceid-2025-001/"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN50585992/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-53508",
        "datePublished": "2025-08-29T04:14:39.074Z",
        "dateReserved": "2025-07-02T00:52:40.812Z",
        "dateUpdated": "2025-08-29T12:04:32.453Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-53507 (GCVE-0-2025-53507)

    Vulnerability from cvelistv5 – Published: 2025-08-29 04:13 – Updated: 2025-08-29 12:05
    VLAI
    Summary
    Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information vulnerability. If exploited, configuration information, such as admin password, may be disclosed. As for the details of affected product names and versions, refer to the information under [Product Status].
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-922 - Insecure storage of sensitive information
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-53507",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-29T12:05:21.370891Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-29T12:05:32.544Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HL330-DLS (for module MC7700)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.03 and earlier"
                }
              ]
            },
            {
              "product": "HL330-DLS (for module MC7330)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 2.02t and earlier"
                }
              ]
            },
            {
              "product": "HL320-DLS (for module MC7700)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.03 and earlier"
                }
              ]
            },
            {
              "product": "HL320-DLS (for module MC7330)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 2.02t and earlier"
                }
              ]
            },
            {
              "product": "LM-100",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.02 and earlier"
                }
              ]
            },
            {
              "product": "LM-200 (for module AMP570)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.02 and earlier"
                }
              ]
            },
            {
              "product": "LM-200 (for module EC25-J)",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.05e and earlier"
                }
              ]
            },
            {
              "product": "L2X Assist",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 2.01 and earlier"
                }
              ]
            },
            {
              "product": "L2X Assist-RS-A",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.11 and earlier"
                }
              ]
            },
            {
              "product": "L2X Assist-RS-E",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.12 and earlier"
                }
              ]
            },
            {
              "product": "F2L Assist-SS-A",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.03 and earlier"
                }
              ]
            },
            {
              "product": "F2L Assist-SS-E",
              "vendor": "iND Co.,Ltd",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware version 1.01 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information vulnerability. If exploited, configuration information, such as admin password, may be disclosed. As for the details of affected product names and versions, refer to the information under [Product Status]."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-922",
                  "description": "Insecure storage of sensitive information",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-29T04:13:58.310Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.i-netd.co.jp/vulnerability/dceid-2025-001/"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN50585992/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-53507",
        "datePublished": "2025-08-29T04:13:58.310Z",
        "dateReserved": "2025-07-02T00:52:40.811Z",
        "dateUpdated": "2025-08-29T12:05:32.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }