Remote Code Execution Vulnerability in Acme Software by Acme Corp
CVE-2025-55048

9.8CRITICAL

Key Information:

Vendor: Baicells
Status: Neutrino430, Nova436q, Nova430e/430i, Nova846, Nova246, Nova243, Nova233, Nova227
Vendor: CVE Published:; 9 September 2025

What is CVE-2025-55048?

A remote code execution vulnerability exists in Acme Software that could allow attackers to execute arbitrary code. This may be due to improper input validation, which exposes the system to a risk of command injections. Organizations using vulnerable versions are urged to update their software promptly to mitigate potential attacks and ensure the integrity of their systems.

Affected Version(s)

NEUTRINO430, NOVA436Q, NOVA430e/430i, NOVA846, NOVA246, NOVA243, NOVA233, NOVA227 BaiBS_RTS_3.6.6, BaiBS_RTS_3.7.10, BaiBS_RTS_3.7.11, BaiBS_RTS_3.7.11.3, BaiBS_RTS_3.7.11.6, BaiBS_RTS_3.7.11.8, BaiBS_RTS_3.7.11.11, BaiBS_RTS_3.7.11.16, BaiBS_RTD_3.7.11.6

References

https://www.gov.il/en/departments/dynamiccollectors/cve_a...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 9, 2025
Vulnerability Reserved
Aug 6, 2025

Credit

Shahaf Levi

Baicells

What is CVE-2025-55048?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit