CVE-2025-6965 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Affected Products (NVD)

Vendor	Product	Version
sqlite	sqlite	𝑥 < 3.50.2

𝑥

= Vulnerable software versions

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
Siemens	RUGGEDCOM CROSSBOW Station Access Controller \(SAC\)	𝑥 < V5.8	ADP
Siemens	SIDIS Prime	𝑥 < V4.0.800	ADP

Windows Releases

Platform

Version

Windows 10

1607 (x64, x86)	KB5073722
1809 (x64, x86)	KB5073723
21H2 (arm64, x64, x86)	KB5073724
22H2 (arm64, x64, x86)	KB5073724

Windows 11

23H2 (arm64, x64)	KB5073455
24H2 (arm64, x64)	KB5074109
25H2 (x64)	KB5074109

Windows Server 2016

Server Core	KB5073722
Standard	KB5073722

Windows Server 2019

Server Core	KB5073723
Standard	KB5073723

Windows Server 2022

23H2 Server Core	KB5073450
Server Core	KB5073457
Standard	KB5073457

Windows Server 2025

Server Core	KB5073379
Standard	KB5073379

Debian Releases

Debian Product

Codename

sqlite3

bookworm	3.40.1-2+deb12u2 fixed
bullseye	postponed
bullseye (security)	vulnerable
forky	3.46.1-9 fixed
sid	3.46.1-9 fixed
trixie	3.46.1-7+deb13u1 fixed

Ubuntu Releases

Ubuntu Product

Codename

sqlite3

bionic	Fixed 3.22.0-1ubuntu0.7+esm2 released
focal	Fixed 3.31.1-4ubuntu0.7+esm1 released
jammy	Fixed 3.37.2-2ubuntu0.5 released
noble	Fixed 3.45.1-1ubuntu2.4 released
plucky	Fixed 3.46.1-3ubuntu0.2 released
questing	Fixed 3.46.1-6ubuntu1 released
trusty	Fixed 3.8.2-1ubuntu2.2+esm5 released
xenial	Fixed 3.11.0-1ubuntu1.5+esm3 released

sqlite

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
noble	dne
plucky	dne
questing	dne
trusty	needs-triage
xenial	needs-triage

Common Weakness Enumeration

CWE-197 - Numeric Truncation Error
Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion.

Vulnerability Media Exposure

[GERMAN] Oracle MySQL: Mehrere Schwachstellen
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle MySQL ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Published: 2026-01-20T23:00:00+00:00

References

https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8

http://seclists.org/fulldisclosure/2025/Sep/49

http://seclists.org/fulldisclosure/2025/Sep/53

http://seclists.org/fulldisclosure/2025/Sep/56

http://seclists.org/fulldisclosure/2025/Sep/57

http://seclists.org/fulldisclosure/2025/Sep/58

http://www.openwall.com/lists/oss-security/2025/09/06/1

https://cert-portal.siemens.com/productcert/html/ssa-225816.html

https://cert-portal.siemens.com/productcert/html/ssa-485750.html