-
Byte Open Security
(ByteOS Network)
Log In
Sign Up
CVE Vulnerability Details :
CVE-2025-5333
PUBLISHED
More Info
Official Page
Assigner
-
symantec
Assigner Org ID
-
80d3bcb6-88de-48c2-a47e-aebf795f19b5
View Known Exploited Vulnerability (KEV) details
Published At
-
06 Jul, 2025 | 13:50
Updated At
-
07 Jul, 2025 | 14:02
Rejected At
-
▼
CVE Numbering Authority (CNA)
Unauthenticated Remote Code Execution in IT Management Suite
Remote attackers can execute arbitrary code in the context of the vulnerable service process.
Affected Products
Vendor
Broadcom Inc.
Broadcom
Product
Symantec IT Management Suite
Default Status
affected
Versions
Affected
8.6.x, 8.7.x 8.8
Metrics
Version
Base score
Base severity
Vector
4.0
9.5
CRITICAL
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:Y/R:I/V:C/RE:L/U:Red
Version:
4.0
Base score:
9.5
Base severity:
CRITICAL
Vector:
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:Y/R:I/V:C/RE:L/U:Red
Metrics Other Info
Impacts
CAPEC ID
Description
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Eleftherios Panos (lefteris.panos@lrqa.com)
Timeline
Event
Date
Replaced By
Rejected Reason
References
Hyperlink
Resource
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35903
vendor-advisory
Hyperlink:
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35903
Resource:
vendor-advisory
▼
Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
Type
CWE ID
Description
CWE
CWE-94
CWE-94 Improper Control of Generation of Code ('Code Injection')
Type:
CWE
CWE ID:
CWE-94
Description:
CWE-94 Improper Control of Generation of Code ('Code Injection')
Metrics
Version
Base score
Base severity
Vector
Metrics Other Info
Impacts
CAPEC ID
Description
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
Event
Date
Replaced By
Rejected Reason
References
Hyperlink
Resource
Details not found