Security Advisory

CVE-2025-41728

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-27 11:37:55

Last updated 2026-01-27 13:49:51

Assigner CERTVDE

State PUBLISHED

Description

A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially copy confidential information into a response.

← Browse all CVEs View on cve.org ↗