Vulnerability in Arcinfo Pcvue
CVE-2025-4384
The MQTT add-on of PcVue fails to verify that a remote device’s certificate has not already expired or has not yet become valid. This allows malicious devices to present certificates that are not rejected properly. The use of a client cer…
EPSS: 0.001 (21.0th percentile) — read the EPSS interpretation.
Affected products
- Arcinfo Pcvue — versions 16.3.0, 16.0, 15.0
Weakness classification (CWE)
References
- www.pcvue.com/security/ (vendor-advisory)