Vulnerability Details CVE-2025-27377
Altium Designer version 24.9.0 does not validate self-signed server certificates for cloud connections. An attacker capable of performing a man-in-the-middle (MITM) attack could exploit this issue to intercept or manipulate network traffic, potentially exposing authentication credentials or sensitive design data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.2%
CVSS Severity
CVSS v3 Score 5.3
Products affected by CVE-2025-27377
-
cpe:2.3:a:altium:designer:24.10.1
-
cpe:2.3:a:altium:designer:24.9.1
-
cpe:2.3:a:altium:designer:25.0.2
-
cpe:2.3:a:altium:designer:25.1.2