CVE-2025-9495 HIGH

CVE-2025-9495: Viessmann Vitogate 300 Authentication Bypass

Vendor Viessmann
Product Vitogate 300
Weakness CWE-602 · Client-side enforcement
Published September 23, 2025
Last update September 23, 2025

CVSS base score

8.7/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01 Description

The Vitogate 300 web interface fails to enforce proper server-side authentication and relies on frontend-based authentication controls. This allows an attacker to simply modify HTML elements in the browser’s developer tools to bypass login restrictions. By removing specific UI elements, an attacker can reveal the hidden administration menu, giving them full control over the device.
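The weakness class described above (CWE-602), shown as a flawed handler beside a corrected one. This is an added example, not Viessmann code: the route prefix, cookie name, accounts and function names are all hypothetical, and the sample credentials are constructed.

```python
# Added illustration of CWE-602; not Viessmann code. The /admin prefix, the
# "session" cookie name and the accounts below are hypothetical placeholders.
import hmac
import secrets

SESSIONS = {}                  # server-side session store: token -> role
ADMIN_PREFIX = "/admin"        # hypothetical admin route prefix
USERS = {                      # constructed sample accounts (a real device stores salted hashes)
    "installer": ("constructed-password", "admin"),
    "viewer": ("constructed-viewer-pw", "user"),
}


def login(user, password):
    """Issue a random session token only after a server-side credential check."""
    stored = USERS.get(user)
    if stored is None or not hmac.compare_digest(stored[0].encode(), password.encode()):
        return None
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = stored[1]
    return token


def handle_client_side_only(path, cookies):
    """Flawed pattern: every caller receives the admin content; the login
    overlay and the hidden menu are only markup the browser is asked to honour."""
    if path.startswith(ADMIN_PREFIX):
        return 200, '<div id="login-overlay"></div><nav hidden>admin menu</nav>'
    return 404, ""


def handle_server_enforced(path, cookies):
    """Corrected pattern: the server authorises each request before producing
    any admin content, whatever the frontend shows or hides."""
    if not path.startswith(ADMIN_PREFIX):
        return 404, ""
    role = SESSIONS.get(cookies.get("session", ""))
    if role is None:
        return 401, ""         # no valid session: nothing is sent to reveal
    if role != "admin":
        return 403, ""         # authenticated, but not allowed to administer
    return 200, "<nav>admin menu</nav>"
```

The same check has to guard every state-changing endpoint behind the menu, not only the page that renders it.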

Key dates

02 Disclosure timeline

September 23, 2025 CVE published
September 23, 2025 Record updated