- What is the severity of CVE-2025-6260?
- CVE-2025-6260 has been scored as a critical severity vulnerability.
- How to fix CVE-2025-6260?
- To fix CVE-2025-6260: Network Thermostat recommends users to update to the following (or newer) versions: * X-Series WiFi thermostats with v4.x to a minimum of v4.6 * X-Series WiFi thermostats with v9.x to a minimum of v9.46 * X-Series WiFi thermostats with v10.x to a minimum of v10.29 * X-Series WiFi thermostats with v11.x to a minimum of v11.5 This update was applied automatically to reachable units, requiring no action from end users. If end users would like their units behind firewalls to be updated, contact Network Thermostat at support@networkthermostat.com to coordinate an update.
- Is CVE-2025-6260 being actively exploited in the wild?
- As for now, there are no information to confirm that CVE-2025-6260 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
- What software or system is affected by CVE-2025-6260?
- CVE-2025-6260 affects Network Thermostat X-Series WiFi thermostats.