011209 Sip Emergency Intercom EUVD-2025-17583

CVE-2025-26468 HIGH
Missing Authentication for Critical Function (CWE-306)
2025-06-09
CVSS 3.1: 7.5

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Lifecycle Timeline

Analysis Updated: Apr 16, 2026 - 06:43, EUVD-patch-fix (executive_summary)
Re-analysis Queued: Apr 16, 2026 - 05:29, backfill_euvd_patch (patch_released)
Patch available: Apr 16, 2026 - 05:29, EUVD (22.0.1)
EUVD ID Assigned: Mar 14, 2026 - 19:21, euvd (EUVD-2025-17583)
Analysis Generated: Mar 14, 2026 - 19:21, vuln.today
CVE Published: Jun 09, 2025 - 23:15, nvd (HIGH 7.5)

Description (NVD)

CyberData 011209 Intercom exposes features that could allow an unauthenticated user to gain access and cause a denial-of-service condition or system disruption.

Analysis (AI)

CVE-2025-26468 is an unauthenticated denial-of-service vulnerability in CyberData 011209 Intercom systems that allows remote attackers to disrupt system availability without requiring authentication or user interaction. The vulnerability has a CVSS score of 7.5 (High) with a network attack vector, indicating significant real-world risk from remote exploitation. While active exploitation status and POC availability cannot be confirmed from the provided data, the absence of any privilege or user-interaction requirement (PR:N, UI:N) makes this a critical priority for affected organizations.

Technical Context (AI)

This vulnerability stems from CWE-306 (Missing Authentication for Critical Function), indicating that the CyberData 011209 Intercom device exposes critical functionality—specifically features that can trigger system disruption—without proper authentication mechanisms. The Intercom system likely uses HTTP/SIP-based management or control protocols that fail to validate user identity before processing commands that could lead to denial-of-service conditions. The attack vector is Network (AV:N) with Low complexity (AC:L), suggesting the vulnerability can be triggered through standard network requests to exposed service ports without requiring complex exploitation techniques or social engineering.

Remediation (AI)

  1. Apply firmware patches from CyberData immediately when available.
  2. If patches are unavailable, implement network segmentation to restrict access to the intercom devices to authorized management networks only.
  3. Disable remote management features if not actively required.
  4. Monitor for suspicious requests to the intercom management interfaces.
  5. Consider implementing WAF/IDS rules to detect unauthenticated access attempts to critical intercom functions.
  6. Consult CyberData security advisories at https://www.cyberdata.net/support for official patch releases and configuration guidance specific to the 011209 model.

Vendor advisories and patch availability details should be obtained directly from CyberData support channels.
