CVE-2025-47419 – Crestron Automate VX Insecure Communication Vulnerability

May 6, 2025

CVE ID : CVE-2025-47419

Published : May 6, 2025, 9:16 p.m. | 2 hours, 41 minutes ago

Description : Cleartext Transmission of Sensitive Information vulnerability in Crestron Automate VX allows Sniffing Network Traffic.

The device allows Web UI and API access over non-secure network ports which exposes sensitive information such as user passwords.

This issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-0853 – WordPress PGS Core Plugin SQL Injection Vulnerability

Next Article CVE-2025-47418 – Crestron Automate VX Sensitive Information Exposure

Highlights

CVE-2025-31650 – Apache Tomcat HTTP Priority Header Memory Leak DoS

April 28, 2025

CVE ID : CVE-2025-31650

Published : April 28, 2025, 8:15 p.m. | 2 hours, 50 minutes ago

Description : Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service.

This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5.

Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Agent Mode for Gemini added to Android Studio

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

Where to buy a Meta Quest 3S Xbox Edition — and why it’s a better bargain than the “normal” Meta Quest 3S

Vite 7.0 Is Out

Vite 7.0 Is Out

Exploring JavaScript ES2025 Edition

Mastering Mixed DML Operations in Apex

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

CVE-2025-47419 – Crestron Automate VX Insecure Communication Vulnerability

Rogue WordPress Plugin Unmasked: Stealthy Malware Skims Credit Cards & Steals Credentials

Urgent Advantech Alert: Critical Flaws (CVSS 9.6) Expose Industrial Automation to Remote Takeover, PoC Releases

This AI Paper Introduces Effective State-Size (ESS): A Metric to Quantify Memory Utilization in Sequence Models for Performance Optimization

Apple’s latest MacBook Air M4 was just released and it just got even cheaper

Shaping the future of advanced robotics

Samsung slashes gaming monitor prices — 50% off and a bonus Odyssey display at no extra cost

CVE-2025-31650 – Apache Tomcat HTTP Priority Header Memory Leak DoS

Music AI Sandbox, now with new features and broader access

mise manages installations of programming language runtimes

Isembard raised $9M to address manufacturing capacity crisis in the West

CVE-2025-47419 – Crestron Automate VX Insecure Communication Vulnerability

Related Posts