CVE-2025-1235

{"id": "CVE-2025-1235", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "info@cert.vde.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2025-06-02T07:15:21.450", "references": [{"url": "https://cert.vde.com/en/advisories/VDE-2025-020", "source": "info@cert.vde.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "info@cert.vde.com", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "A low privileged attacker can set the date of the devices to the 19th of January 2038 an therefore exceed the 32-Bit time limit. This causes the date of the switch to be set back to January 1st, 1970."}, {"lang": "es", "value": "Un atacante con pocos privilegios puede fijar la fecha de los dispositivos al 19 de enero de 2038 y, por lo tanto, superar el l\u00edmite de 32 bits. Esto provoca que la fecha del switch se retrase al 1 de enero de 1970."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "info@cert.vde.com"}