{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T03:13:07.835","vulnerabilities":[{"cve":{"id":"CVE-2025-1960","sourceIdentifier":"cybersecurity@se.com","published":"2025-03-12T16:15:20.797","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an\nattacker to execute unauthorized commands when a system’s default password credentials have not been\nchanged on first use. The default username is not displayed correctly in the WebHMI interface."},{"lang":"es","value":"CWE-1188: Existe una vulnerabilidad de inicialización de un recurso con un valor predeterminado inseguro que podría provocar que un atacante ejecute comandos no autorizados cuando las credenciales de contraseña predeterminadas de un sistema no se hayan cambiado en el primer uso. El nombre de usuario predeterminado no se muestra correctamente en la interfaz WebHMI."}],"metrics":{"cvssMetricV31":[{"source":"cybersecurity@se.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"cybersecurity@se.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1188"}]}],"references":[{"url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-070-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-070-03.pdf","source":"cybersecurity@se.com"}]}}]}