{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-26T00:09:15.720","vulnerabilities":[{"cve":{"id":"CVE-2025-64385","sourceIdentifier":"50b5080a-775f-442e-83b5-926b5ca517b6","published":"2025-10-31T15:15:43.527","lastModified":"2026-06-17T09:54:18.887","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The equipment initially can be configured using the manufacturer's application, by Wi-Fi, by the web server or with the manufacturer’s software.\nUsing the manufacturer's software, the device can be configured via UDP. Analyzing this communication, it has been observed that any aspect of the initial configuration can be changed by means of the device's MAC without the need for authentication."},{"lang":"es","value":"El equipo inicialmente puede configurarse usando la aplicación del fabricante, por Wi-Fi, por el servidor web o con el software del fabricante.\nUsando el software del fabricante, el dispositivo puede configurarse vía UDP. Analizando esta comunicación, se ha observado que cualquier aspecto de la configuración inicial puede cambiarse por medio de la MAC del dispositivo sin necesidad de autenticación."}],"affected":[{"source":"50b5080a-775f-442e-83b5-926b5ca517b6","affectedData":[{"vendor":"Circutor","product":"TCPRS1plus","defaultStatus":"unknown","versions":[{"version":"1.0.14","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"50b5080a-775f-442e-83b5-926b5ca517b6","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.2,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"LOW","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-11-03T19:06:09.900343Z","id":"CVE-2025-64385","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"50b5080a-775f-442e-83b5-926b5ca517b6","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"references":[{"url":"https://cds.thalesgroup.com/es/s21sec","source":"50b5080a-775f-442e-83b5-926b5ca517b6"},{"url":"https://circutor.com/productos/iot-industrial-y-automatizacion/conversores-y-pasarelas/product/D80010./","source":"50b5080a-775f-442e-83b5-926b5ca517b6"},{"url":"https://www.hackrtu.com/blog/cg-0day-en-003/","source":"50b5080a-775f-442e-83b5-926b5ca517b6"}]}}]}