{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T14:58:09.253","vulnerabilities":[{"cve":{"id":"CVE-2025-24341","sourceIdentifier":"psirt@bosch.com","published":"2025-04-30T12:15:15.493","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to induce a Denial-of-Service (DoS) condition on the device via multiple crafted HTTP requests. In the worst case, a full power cycle is needed to regain control of the device."},{"lang":"es","value":"Una vulnerabilidad en la aplicación web de ctrlX OS permite a un atacante remoto autenticado (con privilegios bajos) inducir una denegación de servicio (DoS) en el dispositivo mediante múltiples solicitudes HTTP manipuladas. En el peor de los casos, se requiere un reinicio completo para recuperar el control del dispositivo."}],"metrics":{"cvssMetricV31":[{"source":"psirt@bosch.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"psirt@bosch.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"references":[{"url":"https://psirt.bosch.com/security-advisories/BOSCH-SA-640452.html","source":"psirt@bosch.com"}]}}]}