Skip to main content

EUVDEUVD-2025-201305

| CVE-2025-53704 HIGH
Weak Password Recovery Mechanism for Forgotten Password (CWE-640)
2025-12-04 ics-cert@hq.dhs.gov
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

6
Analysis Updated
Apr 16, 2026 - 06:23 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
1.36.2
EUVD ID Assigned
Mar 15, 2026 - 16:35 euvd
EUVD-2025-201305
Analysis Generated
Mar 15, 2026 - 16:35 vuln.today
CVE Published
Dec 04, 2025 - 22:15 nvd
HIGH 7.5

DescriptionCVE.org

The password reset mechanism for the Pivot client application is weak, and it may allow an attacker to take over the account.

AnalysisAI

A security vulnerability in password reset mechanism for the Pivot client application (CVSS 7.5) that allows an attacker. High severity vulnerability requiring prompt remediation.

Technical ContextAI

Vulnerability type not specified by vendor. CVSS 7.5 indicates high severity. Affects password reset mechanism for the Pivot client application.

RemediationAI

Monitor vendor channels for patch availability.

Share

EUVD-2025-201305 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy