CVE-2025-64309

Published
View on NVD ↗
CVSS v3
8.6
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

Brightpick Mission Control discloses device telemetry, configuration, and credential information via WebSocket traffic to unauthenticated users when they connect to a specific URL. The unauthenticated URL can be discovered through basic network scanning techniques.

cisagov/CSAF
cisagov/CSAF
CISA CSAF Security Advisories
GitHubGitHub
75