Reflected Cross-Site Scripting Vulnerability in Advantech iView Software
CVE-2025-53397

5.1MEDIUM

Key Information:

Vendor: Advantech
Status: Iview
Vendor: CVE Published:; 11 July 2025

What is CVE-2025-53397?

A vulnerability in Advantech iView allows for reflected cross-site scripting (XSS) attacks. Attackers can exploit this weakness to inject and execute unauthorized scripts in a user's browser session. Such exploitation may lead to information disclosure or facilitate various malicious activities, posing a significant threat to user security and data integrity.

Affected Version(s)

iView 0 < 5.7.05 build 7057

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-1...

https://www.advantech.com/en/support/details/firmware-?id...

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 11, 2025