{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T21:45:35.220","vulnerabilities":[{"cve":{"id":"CVE-2025-27254","sourceIdentifier":"prodsec@nozominetworks.com","published":"2025-03-10T09:15:11.167","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"CWE-282 \"Improper Ownership Management\" in GE Vernova EnerVista UR Setup allows Authentication Bypass. \nThe software's startup authentication can be disabled by altering a Windows registry setting that any user can modify."},{"lang":"es","value":"La vulnerabilidad de autenticación incorrecta en GE Vernova EnerVista UR Setup permite omitir la autenticación. La autenticación de inicio del software se puede desactivar modificando una configuración del registro de Windows que cualquier usuario puede modificar."}],"metrics":{"cvssMetricV31":[{"source":"prodsec@nozominetworks.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.5}]},"weaknesses":[{"source":"prodsec@nozominetworks.com","type":"Secondary","description":[{"lang":"en","value":"CWE-282"}]}],"references":[{"url":"https://www.gevernova.com/grid-solutions/app/DownloadFile.aspx?prod=urfamily&type=21&file=76","source":"prodsec@nozominetworks.com"},{"url":"https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-27254","source":"prodsec@nozominetworks.com"}]}}]}