EUVD-2025-18256
Use of Less Trusted Source (CWE-348)
2025-06-13
[email protected]
2.5
CVSS 3.0
CVSS VectorNVD
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None
Lifecycle Timeline
3
EUVD ID Assigned
Mar 14, 2026 - 21:34 euvd
EUVD-2025-18256
Analysis Generated
Mar 14, 2026 - 21:34 vuln.today
CVE Published
Jun 13, 2025 - 09:15 nvd
LOW 2.5
DescriptionNVD
RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0 contains an issue with use of less trusted source, which may allow an attacker who can conduct a man-in-the-middle attack to eavesdrop upgrade requests and execute a malicious DLL with custom code.
AnalysisAI
A remote code execution vulnerability in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0 (CVSS 2.5) that allows an attacker who can conduct a man-in-the-middle attack. Remediation should follow standard vulnerability management procedures.
Technical ContextAI
Vulnerability type: remote code execution. Affects RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0.
RemediationAI
Monitor vendor channels for patch availability.
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).