SQL Injection Vulnerability in CyberData Intercom Devices
CVE-2025-30507

6.9MEDIUM

Key Information:

Vendor: Cyberdata
Status: 011209 Sip Emergency Intercom
Vendor: CVE Published:; 9 June 2025

What is CVE-2025-30507?

The CyberData 011209 Intercom is vulnerable to blind SQL injection attacks, which can allow unauthenticated users to extend unauthorized access, potentially leading to the exposure of sensitive information. This vulnerability represents a significant security risk, highlighting the need for timely updates and robust security measures to protect sensitive data and maintain system integrity.

Affected Version(s)

011209 SIP Emergency Intercom 0 < 22.0.1

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-1...

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2025
Vulnerability Reserved
Mar 26, 2025

Credit

Vera Mens of Claroty Team82 reported these vulnerabilities to CISA.

Cyberdata

What is CVE-2025-30507?

Affected Version(s)

References

CVSS V4

Timeline

Credit