Path Traversal Vulnerability in CRESTRON TOUCHSCREENS x70
CVE-2025-47415

6.8MEDIUM

Key Information:

Vendor: Crestron
Status: Touchscreens X60, X70 Series
Vendor: CVE Published:; 9 September 2025

What is CVE-2025-47415?

A Path Traversal vulnerability in CRESTRON TOUCHSCREENS x70 allows attackers to access restricted directories through relative path traversal. This issue affects versions 3.000.0110.001 and earlier, including confirmed affected hardware models TSW-760 and TSW-1060. While a fixed firmware version 3.001.0031.001 exists, the recommended firmware update should be applied promptly to mitigate potential security risks.

Affected Version(s)

TOUCHSCREENS x60, x70 series 3.000.0110.001 < 3.001.0031.001

References

https://security.crestron.com

vendor-advisory

https://www.crestron.com/Software-Firmware/Firmware/Touch...

patch

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 9, 2025
Vulnerability Reserved
May 6, 2025

Credit

IBM

Crestron

What is CVE-2025-47415?

Affected Version(s)

References

CVSS V4

Timeline

Credit