Clickjacking Vulnerability in Thales Group Web Applications
CVE-2025-64387

5.1MEDIUM

Key Information:

Vendor: Circutor
Status: Tcprs1plus
Vendor: CVE Published:; 31 October 2025

What is CVE-2025-64387?

The web application is susceptible to clickjacking attacks, where an attacker can embed the vulnerable page within a frame controlled by them. This deception tricks users into interacting with seemingly legitimate controls, potentially leading to unauthorized actions such as credential submission. Organizations using Thales web applications should take proactive measures to implement defenses against such attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

TCPRS1plus 1.0.14

References

https://circutor.com/productos/iot-industrial-y-automatiz...

product

https://cds.thalesgroup.com/es/s21sec

https://www.hackrtu.com/blog/cg-0day-en-003/

technical-description

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Oct 31, 2025
Vulnerability Reserved
Oct 31, 2025

Credit

Víctor Bello Cuevas

Aarón Flecha Menéndez

JSON

Circutor

What is CVE-2025-64387?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.