CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-25055: Authentication bypass by spoofing issue exists in FileMegane versions above 1.0.0.0 prior to 3.4.0.0, which may lead to user impersonation. If...

5.3 CVSS

Description

Authentication bypass by spoofing issue exists in FileMegane versions above 1.0.0.0 prior to 3.4.0.0, which may lead to user impersonation. If exploited, restricted file contents may be accessed.

Classification

CVE ID: CVE-2025-25055

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.3

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products

Vendor: JIP InfoBridge Co., Ltd.

Product: FileMegane

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.06% (probability of being exploited)

EPSS Percentile: 16.33% (scored less or equal to compared to others)

EPSS Date: 2025-03-19 (when was this score calculated)

References

https://www.info-brdg.co.jp/support/report/megane/sec20250201.html
https://jvn.jp/en/jp/JVN80527854/

Timeline

2025-02-19 00:31:38 UTC
CVE

Authentication bypass by spoofing issue exists in FileMegane versions above 1.0.0.0 prior to 3.4.0.0, which may lead to user impersonation. If...