anonhaven
Ad

CVE-2025-27260

HIGH CVSS 4.0: 7.2 EPSS 0.03%
Updated Mar 27, 2026
Ericsson
Parameter Value
CVSS 7.2 (HIGH)
Affected Versions before 2025.q3
Fixed In 2025.q3
Type CWE-790
Vendor Ericsson
Public PoC No

Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special Elements vulnerability which, if exploited, can lead to unauthorized modification of certain information

Attack Parameters

Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
Low
Basic privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
None
No data leak
Integrity
High
Complete data modification
Availability
High
Complete denial of service

CVSS Vector v4.0

Weakness Type (CWE)

CWE-790

Vulnerable Products 2

Configuration From (including) Up to (excluding)
Ericsson Indoor_Connect_8855_Firmware
cpe:2.3:o:ericsson:indoor_connect_8855_firmware:*:*:*:*:*:*:*:*
 2025.q3
Ericsson Indoor_Connect_8855
cpe:2.3:h:ericsson:indoor_connect_8855:-:*:*:*:*:*:*:*

References 2

https://www.ericsson.com/en/about-us/security/psirt/CVE-2025-27260
85b1779b-6ecd-4f52-bcc5-73eac4659dcf
https://www.ericsson.com/en/about-us/security/psirt/security-bulletin-indoorcon…
85b1779b-6ecd-4f52-bcc5-73eac4659dcf
Share Post Share Share Share

Related Vulnerabilities

CVE-2025-40842

Ericsson

8.5

CVE-2025-40841

Ericsson

5.1

CVE-2025-40843

Ericsson

5.9

CVE-2025-1300

Ericsson

6.1

CVE-2024-53829

Ericsson

8.2