What is CVE-2025-4009?

CVE-2025-4009 is a vulnerability in Evertz 3080ipx-10g, classified under Command Injection. Published 2025-05-28.

Is CVE-2025-4009 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Evertz 3080ipx-10g

CVE-2025-4009

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product feat…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.739 (99.4th percentile) — read the EPSS interpretation.

Affected products

Evertz 3080ipx-10g — versions 0
Evertz 5782xps-app-4e — versions 0
Evertz 7890ixg — versions 0
Evertz Cc Access Server — versions 0
Evertz Cvip — versions 0
Evertz Mvip-ii — versions 0

Weakness classification (CWE)

CWE-77 — Command Injection

Public proof-of-concept exploits

References

www.onekey.com/resource/security-advisory-remote-code-execution-on-evertz-svdn-… (third-party-advisory)

Frequently asked questions

What is CVE-2025-4009?: CVE-2025-4009 is a vulnerability in Evertz 3080ipx-10g, classified under Command Injection. Published 2025-05-28.
Is CVE-2025-4009 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.