Vulnerability Details CVE-2025-63219
The ITEL ISO FM SFN Adapter (firmware ISO2 2.0.0.0, WebServer 2.0) is vulnerable to session hijacking due to improper session management on the /home.html endpoint. An attacker can access an active session without authentication, allowing them to control the device, modify configurations, and compromise system integrity.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.0%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2025-63219
-
cpe:2.3:h:itel:iso-fm:-
-
cpe:2.3:o:itel:iso-fm_firmware:2.0.0.0