Severity by source
AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
The SIMCom SIM7600G modem supports an undocumented AT command, which allows an attacker to execute system commands with root permission on the modem. An attacker needs either physical access or remote shell access to a device that interacts directly with the modem via AT commands.
AnalysisAI
CVE-2025-26412 is a security vulnerability (CVSS 6.8) that allows an attacker. Remediation should follow standard vulnerability management procedures.
Technical ContextAI
Vulnerability type not specified by vendor.
RemediationAI
Monitor vendor channels for patch availability.
Same weakness CWE-912 – Hidden Functionality
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-18087