CVE-2025-60959
Published: 06 October 2025
Description
Adversaries may abuse Unix shell commands and scripts for execution.
Security Summary
CVE-2025-60959 is an OS Command Injection vulnerability (CWE-78) in EndRun Technologies Sonoma D12 Network Time Server (GPS) firmware version 6010-0071-000 Ver 4.00. Published on 2025-10-06T17:16:06.737, it carries a CVSS v3.1 base score of 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N) and enables attackers to gain sensitive information through improper handling of OS commands.
Remote, unauthenticated attackers can exploit this vulnerability over the network with low attack complexity and no user interaction. Exploitation grants limited confidentiality access to sensitive data alongside high integrity impact, allowing potential command injection that compromises system integrity without disrupting availability.
Advisories and vendor resources provide further details on the issue. Key references include EndRun Technologies at http://endrun.com, Sonoma at http://sonoma.com, and a vulnerability research advisory at https://xdiv-sec.github.io/vulnerability-research/advisories/2025-10-03-sonoma-d12.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
OS command injection vulnerability in public-facing network time server firmware directly enables exploitation of public-facing application (T1190) and adversary execution of Unix shell commands (T1059.004).