What is CVE-2025-10365?

CVE-2025-10365 is a vulnerability in Evertz 3080ipx-10g, classified under Improper Authentication. Published 2025-09-12.

Is CVE-2025-10365 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Auth bypass in Evertz 3080ipx-10g

CVE-2025-10365

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product feat…

Vulnerability class: Broken Authentication

EPSS: 0.058 (92.1th percentile) — read the EPSS interpretation.

Affected products

Evertz 3080ipx-10g — versions 0
Evertz 5782xps-app-4e — versions 0
Evertz 7890ixg — versions 0
Evertz Cc Access Server — versions 0
Evertz Cvip — versions 0
Evertz Mvip-ii — versions 0

Weakness classification (CWE)

CWE-287 — Improper Authentication

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

www.onekey.com/resource/security-advisory-remote-code-execution-on-evertz-svdn-… (third-party-advisory)

Frequently asked questions

What is CVE-2025-10365?: CVE-2025-10365 is a vulnerability in Evertz 3080ipx-10g, classified under Improper Authentication. Published 2025-09-12.
Is CVE-2025-10365 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.