CVE-2025-3200

Published Apr 28, 2025

Last updated 11 days ago

CVSS critical 9.1
Tls

Overview

Description
An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems.
Source
info@cert.vde.com
NVD status
Deferred

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.1
Impact score
5.2
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Severity
CRITICAL

Weaknesses

info@cert.vde.com
CWE-327

Social media

Hype score
Not currently trending

  1. Com-Server++ の深刻な脆弱性 CVE-2025-3200 が FIX:TLS 1.0/1.1 に対する中間者攻撃 https://t.co/6BU7Nt19dO Wikipedia で TLS のバージョンを調べてみたところ、TLS 1.0 は 1999年、1.1 は 2006年に制定され、最新の TLS 1.3 は

    @iototsecnews

    12 May 2025

    104 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-3200 (CVSS:9.1, CRITICAL) is Awaiting Analysis. An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipupdate.

    @dufyijirkosa

    6 May 2025

    8 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  3. CVE-2025-3200 (CVSS:9.1, CRITICAL) is Awaiting Analysis. An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manip..https://t.co/pIflke8jDO #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    3 May 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-3200 - CRITICAL (9.1) - Wiesemann & Theis - Com-Server++. Unfortunately, the use of naughty crypto algorithms is still a thing 🔓🔑 https://t.co/ftODv7nKob https://t.co/KA1rZPfvfe

    @gothburz

    28 Apr 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 🚨 CVE-2025-3200 ⚠️🔴 CRITICAL (9.1) 🏢 Wiesemann & Theis - Com-Server++ 🏗️ 0.0.0 🔗 https://t.co/EMiI8TCRVo #CyberCron #VulnAlert #InfoSec https://t.co/5QTVilESyt

    @cybercronai

    28 Apr 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. [CVE-2025-3200: CRITICAL] Vulnerable TLS 1.0 and TLS 1.1 protocols could allow hackers to intercept and manipulate encrypted communications between Com-Server and connected systems.#cve,CVE-2025-3200,#cybersecurity https://t.co/iS4Xy0i1tc https://t.co/ECxYJ84E0m

    @CveFindCom

    28 Apr 2025

    57 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. �� CVE-2025-3200 - ZyXEL NBG6817 - HIGH 🚨 🗓️ Date published 2025-04-28 10:15:16 UTC #ZyXELNBG6817 #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/jyTvX1tAwq

    @vulns_space

    28 Apr 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Related CVEs

  1. Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication if the public CA key used is also known. This affects ECDSA/ECC verification when EdDSA or ML-DSA is also enabled.CVE-2026-5194
  2. A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and resulting in a remote Denial of Service (DoS) condition.CVE-2026-1584
  3. In Canonical LXD versions 4.12 through 6.7, the doCertificateUpdate function in lxd/certificates.go does not validate the Type field when handling PUT/PATCH requests to /1.0/certificates/{fingerprint} for restricted TLS certificate users, allowing a remote authenticated attacker to escalate privileges to cluster admin.CVE-2026-34179
  4. Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker can supply a crafted X.509 certificate with an excessively large OCTET STRING value in extensions such as the Subject Key Identifier (SKID) or Authority Key Identifier (AKID) which are being converted to hex, the size of the buffer needed for the result is calculated as multiplication of the input length by 3. On 32 bit platforms, this multiplication may overflow resulting in the allocation of a smaller buffer and a heap buffer overflow. Applications and services that print or log contents of untrusted X.509 certificates are vulnerable to this issue. As the certificates would have to have sizes of over 1 Gigabyte, printing or logging such certificates is a fairly unlikely operation and only 32 bit platforms are affected, this issue was assigned Low severity. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.CVE-2026-31789
  5. Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code. However, the issue only affects clients that make use of TLSA records with both the PKIX-TA(0/PKIX-EE(1) certificate usages and the DANE-TA(2) certificate usage. By far the most common deployment of DANE is in SMTP MTAs for which RFC7672 recommends that clients treat as 'unusable' any TLSA records that have the PKIX certificate usages. These SMTP (or other similar) clients are not vulnerable to this issue. Conversely, any clients that support only the PKIX usages, and ignore the DANE-TA(2) usage are also not vulnerable. The client would also need to be communicating with a server that publishes a TLSA RRset with both types of TLSA records. No FIPS modules are affected by this issue, the problem code is outside the FIPS module boundary.CVE-2026-28387

References

Sources include official advisories and independent security research.