Firmware Update Exploit in Affected Product from Vendor
CVE-2025-48469

9.6CRITICAL

Key Information:

Vendor

Advantech
Status
Advantech Wireless Sensing And Equipment (wise)
Vendor
CVE Published:
24 June 2025

Badges

๐Ÿ“ฐ News Worthy

What is CVE-2025-48469?

A vulnerability exists that allows unauthorized users to upload firmware via a publicly accessible update page. This can lead to unauthorized installation of backdoors or escalate privileges within the system, posing a significant security risk. Keeping systems updated and monitoring access to update functionalities is crucial to prevent exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Advantech Wireless Sensing and Equipment (WISE) A2.01 B00

News Articles

favicon imageCyber Security Agency of Singapore

Multiple Vulnerabilities in Advantech Products

Advantech has released security updates and mitigation measures addressing multiple vulnerabilities in their products. Users and administrators of affected...

References

https://www.csa.gov.sg/alerts-and-advisories/alerts/al-20...
https://jro.sg/CVEs/CVE-2025-48469/

CVSS V3.1

Score:
9.6
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • ๐Ÿ“ฐ

    First article discovered by Cyber Security Agency of Singapore

  • Vulnerability published

  • Vulnerability Reserved

Credit

Lam Jun Rong
JSON
.