CVE-2025-59814

high

Description

This vulnerability allows malicious actors to gain unauthorized access to the Zenitel ICX500 and ICX510 Gateway Billing Admin endpoint, enabling them to read the entire contents of the Billing Admin database.

References

https://wiki.zenitel.com/wiki/ICX_1.4.3.X_-_Release_Notes

https://wiki.zenitel.com/wiki/Downloads#ICX-AlphaCom_System

Details

Source: Mitre, NVD

Published: 2025-09-25

Updated: 2025-09-26

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 8.8

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00031

Detections

Analytics