- What is the severity of CVE-2025-5015?
- CVE-2025-5015 has been scored as a high severity vulnerability.
- How to fix CVE-2025-5015?
- To fix CVE-2025-5015: Parsons Utility Enterprise Data Management Users - This vulnerability has been patched in all instances managed by Parsons as of January 7, 2025. No end-user action is required. AclaraONE Hosted Users – This vulnerability has been patched in all instances managed by Aclara as of February 7, 2025. No end-user action is required. AclaraONE On Premise Users - End-user action is required. A patch and mitigation information for AclaraONE is available through the Aclara Connect Customer Portal. If you prefer assistance, Aclara Support would be happy to help. Users may request an appointment to apply the patch update by opening a ticket on the Aclara Connect Customer Portal, or by contacting us by phone or email. Requests will be processed in the order received.
- Is CVE-2025-5015 being actively exploited in the wild?
- As for now, there are no information to confirm that CVE-2025-5015 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
- What software or system is affected by CVE-2025-5015?
- CVE-2025-5015 affects Parsons Parsons Utility Enterprise Data Management, Parsons AclaraONE Utility Portal.