CVE-2025-4384

Certificate validity not properly verified

Description

The MQTT add-on of PcVue fails to verify that a remote device’s certificate has not already expired or has not yet become valid. This allows malicious devices to present certificates that are not rejected properly. The use of a client certificate reduces the risk for random devices to take advantage of this flaw.

Remediation

Solution:

  • Harden the configuration Who should apply this recommendation: All users The system operators are highly recommended to take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should: * Use client certificate when configuring the MQTT add-on. * Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet unless required. * Locate control system networks and remote devices behind firewalls and isolate them from business networks. * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices. Update PcVue Who should apply this recommendation: All users using the affected component Apply the patch by installing a fixed PcVue version. Available patches: Fixed in: * PcVue 16.2.5 and PcVue 16.3.0 Planned in: * PcVue 15.2.12

Category

6.0
CVSS
Severity: Medium
CVSS 4.0 •
EPSS 0.01%
Vendor Advisory pcvue.com
Affected: arcinfo PcVue
Published at:
Updated at:

References

Link Tags
https://www.pcvue.com/security/#SB2025-3 vendor advisory

Frequently Asked Questions

What is the severity of CVE-2025-4384?
CVE-2025-4384 has been scored as a medium severity vulnerability.
How to fix CVE-2025-4384?
To fix CVE-2025-4384: Harden the configuration Who should apply this recommendation: All users The system operators are highly recommended to take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should: * Use client certificate when configuring the MQTT add-on. * Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet unless required. * Locate control system networks and remote devices behind firewalls and isolate them from business networks. * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices. Update PcVue Who should apply this recommendation: All users using the affected component Apply the patch by installing a fixed PcVue version. Available patches: Fixed in: * PcVue 16.2.5 and PcVue 16.3.0 Planned in: * PcVue 15.2.12
Is CVE-2025-4384 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-4384 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-4384?
CVE-2025-4384 affects arcinfo PcVue.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.