CVE-2025-2485015.04.2025, 22:15An attacker can export other users' plant information.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST5.3 MEDIUMNETWORKLOWNONECVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NicscertCNA5.3 MEDIUMNETWORKLOWNONECVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NCISA-ADPADP------Awaiting analysisThis vulnerability is currently awaiting analysis.Base ScoreCVSS 3.xEPSS ScorePercentile: 11%Common Weakness EnumerationCWE-639 - Authorization Bypass Through User-Controlled KeyThe system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.Referenceshttps://www.cisa.gov/news-events/ics-advisories/icsa-25-105-04