CVE-2025-9999 HIGH

CVE-2025-9999: Improper validation of payload elements

Vendor Arcinfo
Product PcVue
Weakness CWE-940
Published September 5, 2025
Last update February 26, 2026

CVSS base score

7.6/10
Attack vector Adjacent
Attack complexity High
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/AU:Y/R:U/RE:M/U:Green

What the vulnerability does

01Description

Some payload elements of the messages sent between two stations in a networking architecture are not properly checked on the receiving station allowing an attacker to execute unauthorized commands in the application.

Key dates

02Disclosure timeline

September 5, 2025 CVE published
February 26, 2026 Record updated