{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-15587", "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "state": "PUBLISHED", "assignerShortName": "CERT-PL", "dateReserved": "2026-02-20T14:17:55.245Z", "datePublished": "2026-03-16T09:26:00.418Z", "dateUpdated": "2026-03-16T16:26:18.674Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Lan Kontroler v3.5", "vendor": "tinycontrol", "versions": [{"lessThan": "1.67", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "LK3.9", "vendor": "tinycontrol", "versions": [{"lessThan": "1.75", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "LK4", "vendor": "tinycontrol", "versions": [{"lessThan": "1.38", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "tcPDU", "vendor": "tinycontrol", "versions": [{"lessThan": "1.36", "status": "affected", "version": "0", "versionType": "semver"}]}], "datePublic": "2026-03-16T09:25:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Tinycontrol devices such as <span style=\"background-color: rgb(255, 255, 255);\">tcPDU and </span>LAN Controllers LK3.5, LK3.9 and LK4 allow a low privileged user to read an administrator's password by directly accessing a specific resource inaccessible via a graphical interface.<br><br><span style=\"background-color: rgb(255, 255, 255);\">This issue has been fixed in firmware versions: 1.36 (for tcPDU), 1.67 (for LK3.5 - hardware versions: 3.5, 3.6, 3.7 and 3.8), 1.75 (for LK3.9 - hardware version 3.9) and&nbsp;1.38 (for LK4 - hardware version 4.0).</span><br>"}], "value": "Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 allow a low privileged user to read an administrator's password by directly accessing a specific resource inaccessible via a graphical interface.\n\nThis issue has been fixed in firmware versions: 1.36 (for tcPDU), 1.67 (for LK3.5 - hardware versions: 3.5, 3.6, 3.7 and 3.8), 1.75 (for LK3.9 - hardware version 3.9) and\u00a01.38 (for LK4 - hardware version 4.0)."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "baseScore": 8.6, "baseSeverity": "HIGH", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-425", "description": "CWE-425 Direct Request ('Forced Browsing')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "shortName": "CERT-PL", "dateUpdated": "2026-03-16T09:26:00.418Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://cert.pl/en/posts/2026/03/CVE-2025-11500/"}, {"tags": ["release-notes"], "url": "https://tinycontrol.pl/en/archives/lan-controller-35/downloads/#firmware"}, {"tags": ["release-notes"], "url": "https://tinycontrol.pl/en/lk39/downloads/#firmware"}, {"tags": ["release-notes"], "url": "https://tinycontrol.pl/en/lk4/downloads/#firmware"}, {"tags": ["release-notes"], "url": "https://tinycontrol.pl/en/tcpdu/downloads/#firmware"}], "source": {"discovery": "INTERNAL"}, "title": "Credentials exposure in tinycontrol devices", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-16T16:25:55.562703Z", "id": "CVE-2025-15587", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T16:26:18.674Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-15587", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-16T16:25:55.562703Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T16:26:10.085Z"}}], "cna": {"title": "Credentials exposure in tinycontrol devices", "source": {"discovery": "INTERNAL"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.6, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "tinycontrol", "product": "Lan Kontroler v3.5", "versions": [{"status": "affected", "version": "0", "lessThan": "1.67", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "tinycontrol", "product": "LK3.9", "versions": [{"status": "affected", "version": "0", "lessThan": "1.75", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "tinycontrol", "product": "LK4", "versions": [{"status": "affected", "version": "0", "lessThan": "1.38", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "tinycontrol", "product": "tcPDU", "versions": [{"status": "affected", "version": "0", "lessThan": "1.36", "versionType": "semver"}], "defaultStatus": "unaffected"}], "datePublic": "2026-03-16T09:25:00.000Z", "references": [{"url": "https://cert.pl/en/posts/2026/03/CVE-2025-11500/", "tags": ["third-party-advisory"]}, {"url": "https://tinycontrol.pl/en/archives/lan-controller-35/downloads/#firmware", "tags": ["release-notes"]}, {"url": "https://tinycontrol.pl/en/lk39/downloads/#firmware", "tags": ["release-notes"]}, {"url": "https://tinycontrol.pl/en/lk4/downloads/#firmware", "tags": ["release-notes"]}, {"url": "https://tinycontrol.pl/en/tcpdu/downloads/#firmware", "tags": ["release-notes"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 allow a low privileged user to read an administrator's password by directly accessing a specific resource inaccessible via a graphical interface.\n\nThis issue has been fixed in firmware versions: 1.36 (for tcPDU), 1.67 (for LK3.5 - hardware versions: 3.5, 3.6, 3.7 and 3.8), 1.75 (for LK3.9 - hardware version 3.9) and\u00a01.38 (for LK4 - hardware version 4.0).", "supportingMedia": [{"type": "text/html", "value": "Tinycontrol devices such as <span style=\"background-color: rgb(255, 255, 255);\">tcPDU and </span>LAN Controllers LK3.5, LK3.9 and LK4 allow a low privileged user to read an administrator's password by directly accessing a specific resource inaccessible via a graphical interface.<br><br><span style=\"background-color: rgb(255, 255, 255);\">This issue has been fixed in firmware versions: 1.36 (for tcPDU), 1.67 (for LK3.5 - hardware versions: 3.5, 3.6, 3.7 and 3.8), 1.75 (for LK3.9 - hardware version 3.9) and&nbsp;1.38 (for LK4 - hardware version 4.0).</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-425", "description": "CWE-425 Direct Request ('Forced Browsing')"}]}], "providerMetadata": {"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "shortName": "CERT-PL", "dateUpdated": "2026-03-16T09:26:00.418Z"}}}, "cveMetadata": {"cveId": "CVE-2025-15587", "state": "PUBLISHED", "dateUpdated": "2026-03-16T16:26:18.674Z", "dateReserved": "2026-02-20T14:17:55.245Z", "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "datePublished": "2026-03-16T09:26:00.418Z", "assignerShortName": "CERT-PL"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 allow a low privileged user to read an administrator's password by directly accessing a specific resource inaccessible via a graphical interface.\n\nThis issue has been fixed in firmware versions: 1.36 (for tcPDU), 1.67 (for LK3.5 - hardware versions: 3.5, 3.6, 3.7 and 3.8), 1.75 (for LK3.9 - hardware version 3.9) and\u00a01.38 (for LK4 - hardware version 4.0)."}], "id": "CVE-2025-15587", "lastModified": "2026-03-16T14:53:46.157", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cvd@cert.pl", "type": "Secondary"}]}, "published": "2026-03-16T14:17:56.577", "references": [{"source": "cvd@cert.pl", "url": "https://cert.pl/en/posts/2026/03/CVE-2025-11500/"}, {"source": "cvd@cert.pl", "url": "https://tinycontrol.pl/en/archives/lan-controller-35/downloads/#firmware"}, {"source": "cvd@cert.pl", "url": "https://tinycontrol.pl/en/lk39/downloads/#firmware"}, {"source": "cvd@cert.pl", "url": "https://tinycontrol.pl/en/lk4/downloads/#firmware"}, {"source": "cvd@cert.pl", "url": "https://tinycontrol.pl/en/tcpdu/downloads/#firmware"}], "sourceIdentifier": "cvd@cert.pl", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-425"}], "source": "cvd@cert.pl", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.67)"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Lan Kontroler v3.5", "source": "cna", "vendor": "tinycontrol"}, "product": "lan_controller", "vendor": "tinycontrol"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.75)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "LK3.9", "source": "cna", "vendor": "tinycontrol"}, "product": "lk3.9", "vendor": "tinycontrol"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.38)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "LK4", "source": "cna", "vendor": "tinycontrol"}, "product": "lk4", "vendor": "tinycontrol"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.36)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "tcPDU", "source": "cna", "vendor": "tinycontrol"}, "product": "tcpdu", "vendor": "tinycontrol"}], "analysis": {"en": {"generated_at": "2026-03-22T15:08:39.315293+00:00", "value": {"mitigation_remediation": ["Update the device firmware to the fixed versions: 1.36 for tcPDU, 1.67 for LK3.5, 1.75 for LK3.9, and 1.38 for LK4.", "Restrict network or local access to the administration interfaces and enforce role\u2011based access control so that low\u2011privileged users cannot reach the vulnerable resource.", "Monitor device logs for attempts to access the administrator password and set up alerts for unauthorized access attempts."], "summary": {"action": "Patch Firmware", "impact": "Local Credential Exposure"}, "threat_synthesis": {"affected_systems": "Affected products are Tinycontrol devices including the tcPDU and LAN Controllers LK3.5, LK3.9, and LK4. The specific firmware versions vulnerable are 1.36 for tcPDU, 1.67 for LK3.5 (hardware versions 3.5\u20133.8), 1.75 for LK3.9 (hardware version 3.9), and 1.38 for LK4 (hardware version 4.0).", "description_and_impact": "The vulnerability allows a user with low privileges on a Tinycontrol device to read the administrator password by accessing a specific resource that is not available through the standard graphical interface. This leak of administrative credentials can lead to privilege escalation and full control over the device, representing a significant confidentiality breach. The weakness is an insecure design flaw classified as CWE-425.", "risk_and_exploitability": "The CVSS score of 8.6 indicates a high severity impact. The EPSS score is less than 1\u202f%, suggesting that exploitation is currently uncommon. The vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that a low\u2011privileged user, either locally on the device or via network access to the management interface, can reach the vulnerable resource. Once the administrator password is accessed, the attacker can compromise the device and potentially affect all connected equipment. As the weakness is limited to privileged users, organizations should evaluate local user permissions and network exposure to mitigate risk."}}}}, "created": "2026-03-24T10:45:17.257959+00:00", "updated": "2026-03-30T08:00:34.718272+00:00", "vendors": ["tinycontrol", "tinycontrol$PRODUCT$lan_controller", "tinycontrol$PRODUCT$lk3.9", "tinycontrol$PRODUCT$lk4", "tinycontrol$PRODUCT$tcpdu"]}