Skip to main content

Guardian EUVDEUVD-2025-209471

| CVE-2025-40899 HIGH
Cross-site Scripting (XSS) (CWE-79)
2026-04-15 Nozomi GHSA-28p4-5j5m-924h
7.1
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.1 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
P
Scope
X

Lifecycle Timeline

10
Re-analysis Queued
Apr 17, 2026 - 15:52 vuln.today
cvss_changed
Patch released
Apr 17, 2026 - 15:38 nvd
Patch available
Analysis Updated
Apr 16, 2026 - 05:56 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
26.0.0
CVSS changed
Apr 15, 2026 - 15:22 NVD
8.9 (HIGH) 7.1 (HIGH)
Analysis Generated
Apr 15, 2026 - 09:08 vuln.today
EUVD ID Assigned
Apr 15, 2026 - 09:00 euvd
EUVD-2025-209471
Analysis Generated
Apr 15, 2026 - 09:00 vuln.today
CVE Published
Apr 15, 2026 - 08:18 nvd
HIGH 7.1

DescriptionCVE.org

A Stored Cross-Site Scripting vulnerability was discovered in the Assets and Nodes functionality due to improper validation of an input parameter. An authenticated user with custom fields privileges can define a malicious custom field containing a JavaScript payload. When the victim views the Assets or Nodes pages, the XSS executes in their browser context, allowing the attacker to perform unauthorized actions as the victim, such as modify application data, disrupt application availability, and access limited sensitive information.

AnalysisAI

Stored Cross-Site Scripting (XSS) in Nozomi Networks Guardian and CMC allows authenticated attackers with custom field privileges to inject malicious JavaScript payloads through the Assets and Nodes custom field functionality. When victims view affected pages, the XSS executes with high integrity and availability impact due to changed scope (CVSS S:C), enabling unauthorized actions including data modification and service disruption. No public exploit identified at time of analysis, though the attack complexity is low (AC:L) once custom field access is obtained.

Technical ContextAI

This vulnerability affects Nozomi Networks Guardian and Central Management Console (CMC), industrial control system (ICS) and operational technology (OT) network monitoring platforms. The flaw stems from improper input validation (CWE-79: Improper Neutralization of Input During Web Page Generation) in the custom fields feature within Assets and Nodes pages. The stored XSS nature means the malicious payload persists in the application database and executes whenever users navigate to the compromised pages, rather than requiring repeated injection. The changed scope indicator (S:C) in the CVSS vector signifies the vulnerability can affect resources beyond its original security context, allowing attackers to perform actions in victims' authenticated sessions with potentially elevated privileges compared to their own low-privilege custom field access.

RemediationAI

Organizations running affected Nozomi Networks Guardian or CMC instances should immediately review the vendor security advisory at https://security.nozominetworks.com/NN-2026:2-01 for patch availability and specific remediation guidance. Until patches can be applied, implement compensating controls including restricting custom field creation privileges to only essential trusted administrators, implementing enhanced session monitoring for users with custom field access, deploying Content Security Policy (CSP) headers if supported to limit inline script execution, and conducting security awareness training for users who regularly access Assets and Nodes pages to recognize suspicious behaviors. Review existing custom fields for potentially malicious JavaScript content and audit user accounts with custom field privileges for unauthorized access or privilege escalation.

CVE-2020-7049 HIGH POC
7.3 Jun 30

Nozomi Networks OS before 19.0.4 allows /#/network?tab=network_node_list.html CSV Injection. Rated high severity (CVSS 7

CVE-2020-15307 MEDIUM POC
6.1 Jun 30

Nozomi Guardian before 19.0.4 allows attackers to achieve stored XSS (in the web front end) by leveraging the ability to

CVE-2023-29245 CRITICAL
9.2 Sep 19

A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields us

CVE-2026-31984 HIGH
8.7 Jul 09

Disk-exhaustion denial of service in Nozomi Networks Guardian and Central Management Console (CMC) lets a remote, unauth

CVE-2026-39911 HIGH
8.7 Apr 09

Authenticated Standard Registry users can execute arbitrary Node.js code in Hashgraph Guardian ≤3.5.0 through unsandboxe

CVE-2023-2567 HIGH
8.7 Sep 19

A SQL Injection vulnerability has been found in Nozomi Networks Guardian and CMC, due to improper input validation in ce

CVE-2023-23574 HIGH
8.7 Aug 09

A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the alerts_

CVE-2023-22378 HIGH
8.7 Aug 09

A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the sorting

CVE-2022-0551 HIGH
8.6 Mar 24

Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticat

CVE-2022-0550 HIGH
8.6 Mar 24

Improper Input Validation vulnerability in custom report logo upload in Nozomi Networks Guardian, and CMC allows an auth

CVE-2021-26725 HIGH
8.6 Feb 22

Path Traversal vulnerability when changing timezone using web GUI of Nozomi Networks Guardian, CMC allows an authenticat

CVE-2021-26724 HIGH
8.6 Feb 22

OS Command Injection vulnerability when changing date settings or hostname using web GUI of Nozomi Networks Guardian and

Share

EUVD-2025-209471 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy