{"uuid": "26751124-a2b9-4480-94ae-ff142d793d25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47417", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15217", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47417\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX allows Functionality Misuse.\n\n\n\nWhen Enable Debug Images in Crestron Automate VX is active, snapshots of the captured video or portions thereof are stored locally on the system, and there is no visible indication that this is being done.\n\n\nThis issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49.\n\ud83d\udccf Published: 2025-05-06T19:49:09.288Z\n\ud83d\udccf Modified: 2025-05-06T19:49:09.288Z\n\ud83d\udd17 References:\n1. https://security.crestron.com\n2. https://www.crestron.com/Software-Firmware/Software/Automate-VX-Software/6-4-1-8\n3. https://www.crestron.com/release_notes/automate_vx_6.4.1.8_release_notes.pdf", "creation_timestamp": "2025-05-06T20:21:21.000000Z"}