CVE-2025-53508

Description

Multiple products provided by iND Co.,Ltd contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed and sensitive information may be obtained. As for the details of affected product names and versions, refer to the information under [Product Status].

References

Link	Tags
https://www.i-netd.co.jp/vulnerability/dceid-2025-001/
https://jvn.jp/en/jp/JVN50585992/

Frequently Asked Questions

What is the severity of CVE-2025-53508?: CVE-2025-53508 has been scored as a high severity vulnerability.
How to fix CVE-2025-53508?: To fix CVE-2025-53508, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-53508 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2025-53508 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-53508?: CVE-2025-53508 affects iND Co.,Ltd HL330-DLS (for module MC7700), iND Co.,Ltd HL330-DLS (for module MC7330), iND Co.,Ltd HL320-DLS (for module MC7700), iND Co.,Ltd HL320-DLS (for module MC7330), iND Co.,Ltd LM-100, iND Co.,Ltd LM-200 (for module AMP570), iND Co.,Ltd LM-200 (for module EC25-J), iND Co.,Ltd L2X Assist, iND Co.,Ltd L2X Assist-RS-A, iND Co.,Ltd L2X Assist-RS-E, iND Co.,Ltd F2L Assist-SS-A, iND Co.,Ltd F2L Assist-SS-E.

Description

Category

CWE-78 – Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

References

Frequently Asked Questions