Inadequate Encryption in editso fuso by editso
CVE-2025-9513

6.3MEDIUM

Key Information:

Vendor: Editso
Status: Fuso
Vendor: CVE Published:; 27 August 2025

What is CVE-2025-9513?

A vulnerability has been discovered in the editso fuso product, specifically in the function PenetrateRsaAndAesHandshake located in the file src/net/penetrate/handshake/mod.rs. This flaw arises from improper handling of the priv_key argument, leading to insufficient encryption strength. Although remote exploitation of this vulnerability is feasible, it requires a high degree of complexity, making the attack challenging to execute successfully.

Affected Version(s)

fuso 1.0.4-beta.0

fuso 1.0.4-beta.1

fuso 1.0.4-beta.2

References

https://vuldb.com/?id.321506

vdb-entrytechnical-description

https://vuldb.com/?ctiid.321506

signaturepermissions-required

https://vuldb.com/?submit.635449

third-party-advisory

CVSS V4

Score:

6.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 27, 2025
Vulnerability Reserved
Aug 26, 2025

Credit

dev03301 (VulDB User)

Editso

What is CVE-2025-9513?

Affected Version(s)

References

CVSS V4

Timeline

Credit