| Advisory
Products
MOOLE SCA
Continuous visibility into open-source risk
MOOLE Container Security
End-to-end container defense across the SDLC
MOOLE SAST
Static application security testing for source code
About Us
CVE-2025-12056
Vulnerability Database
CVE-2025-12056
Base Score
HIGH
8.3
CVE-2025-12056
Out-of-bounds Read in Shelly Pro 3EM (before v1.4.4) allows Overread Buffers.
Vector
ADJACENT
Published By
prodsec@nozominetworks.com
Published Date
Nov 19, 2025, 07:15
Weakness Type (CWE)
:
CWE-125
CVSS Metrics
CVSS v4.0
Base Score
8.3
Vector String
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Base Severity
HIGH
Version
4.0
Attack Vector (AV)
ADJACENT
Attack Complexity (AC)
LOW
Privileges Required (PR)
NONE
User Interaction (UI)
NONE
Scope (S)
Confidentiality (C)
Integrity (I)
Availability (A)
References
https://www.cisa.gov/news-events/ics-advisories/icsa-25-322-03
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-12056
Base Score
HIGH
8.3
Weakness Type (CWE)
:
CWE-125
CVSS Metrics
CVSS v4.0
Base Score
8.3
Vector String
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Base Severity
HIGH
Version
4.0
Attack Vector (AV)
ADJACENT
Attack Complexity (AC)
LOW
Privileges Required (PR)
NONE
User Interaction (UI)
NONE
Scope (S)
Confidentiality (C)
Integrity (I)
Availability (A)
