Primary

Context

Ericsson Indoor Connect Improper Input Validation Vulnerability Allowing Data Modification and Command Execution

Vulnerability

A vulnerability in Ericsson Indoor Connect 8855 has been identified, stemming from improper input validation. This vulnerability can be exploited to unauthorizedly disclose and modify user and configuration data, potentially leading to the execution of commands with escalated privileges. Additionally, it may impact service availability and allow for modifications to system files and configuration data.

Impact

Exploitation of this vulnerability could result in unauthorized access to user and configuration data, allowing for unauthorized modifications. It also poses a risk of executing commands with elevated privileges, potentially disrupting service availability and altering system files and configuration settings.

Remediation

Users are advised to upgrade to the Indoor Connect 2025.Q2 version, which addresses this vulnerability.

Added: Sep 25, 2025, 3:26 PM

Updated: Sep 25, 2025, 3:26 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ericsson Indoor Connect Improper Input Validation Vulnerability Allowing Data Modification and Command Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating