CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-15114

Ksenia Security Lares 4.0 Home Automation version 1.6 contains a critical security flaw that exposes the alarm system PIN in the 'basisInfo' XML file after authentication. Attackers can retrieve the PIN from the server response to bypass security measures and disable the alarm system without additional authentication.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.1%

CVSS Severity

CVSS v3 Score 9.8

References

https://www.vulncheck.com/advisories/ksenia-security-lares-home-automation-pin-exposure-vulnerability
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5929.php
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5929.php

Products affected by CVE-2025-15114

Kseniasecurity » Lares » Version: 4.0

cpe:2.3:h:kseniasecurity:lares:4.0
Kseniasecurity » Lares Firmware » Version: 1.6

cpe:2.3:o:kseniasecurity:lares_firmware:1.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-15114

Products

Pricing

Contact Us