CVE-2025-59815

high

Description

This vulnerability allows malicious actors to execute arbitrary commands on the underlying system of the Zenitel ICX500 and ICX510 Gateway, granting shell access. Exploitation can compromise the device’s availability, confidentiality, and integrity.

References

https://wiki.zenitel.com/wiki/ICX_1.4.3.X_-_Release_Notes

https://wiki.zenitel.com/wiki/Downloads#ICX-AlphaCom_System

Details

Source: Mitre, NVD

Published: 2025-09-25

Updated: 2025-09-26

Risk Information

CVSS v2

Base Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:M/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.4

Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00028