CVE-2025-23019 MEDIUM

CVE-2025-23019

Vendor Ietf
Product IPv6
Weakness CWE-940
Published January 14, 2025
Last update November 3, 2025

CVSS base score

5.4/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

IPv6-in-IPv4 tunneling (RFC 4213) allows an attacker to spoof and route traffic via an exposed network interface.

Key dates

02Disclosure timeline

January 14, 2025 CVE published
November 3, 2025 Record updated