What is the CVSS score of CVE-2025-42959?

CVE-2025-42959 has a CVSS 3.1 base score of 8.1 (High). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

How to fix or mitigate CVE-2025-42959?

Within 7 days: Identify all affected systems and apply vendor patches promptly. Monitor vendor channels for patch availability.

CVE-2025-42959

EUVD-2025-20350 HIGH

Use of Single-factor Authentication (CWE-308)

2025-07-08 cna@sap.com

Information Disclosure

8.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 16, 2026 - 04:21 euvd

EUVD-2025-20350

Analysis Generated

Mar 16, 2026 - 04:21 vuln.today

CVE Published

Jul 08, 2025 - 01:15 nvd

HIGH 8.1

DescriptionNVD

An unauthenticated attacker may exploit a scenario where a Hashed Message Authentication Code (HMAC) credential, extracted from a system missing specific security patches, is reused in a replay attack against a different system. Even if the target system is fully patched, successful exploitation could result in complete system compromise, affecting confidentiality, integrity, and availability.

AnalysisAI

A security vulnerability in An unauthenticated attacker may exploit a scenario where a (CVSS 8.1). High severity vulnerability requiring prompt remediation.

Technical ContextAI

Vulnerability type not specified by vendor. CVSS 8.1 indicates high severity. Affects An unauthenticated attacker may exploit a scenario where a.

RemediationAI

Monitor vendor channels for patch availability.

CVE-2025-42959 vulnerability details – vuln.today

Back

CVE-2025-42959

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code