What is CVE-2025-9317?

CVE-2025-9317 is a high-severity vulnerability in Aveva Edge, classified under Use of a Broken or Risky Cryptographic Algorithm. CVSS score: 8.4/10. Published 2025-11-14.

How severe is CVE-2025-9317?

High severity. CVSS v3 base score is 8.4 out of 10.

Vulnerability in Aveva Edge

CVE-2025-9317

The vulnerability, if exploited, could allow a miscreant with read access to Edge Project files or Edge Offline Cache files to reverse engineer Edge users' app-native or Active Directory passwords through computational brute-forcing of…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.000 (0.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.4 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N.

Affected products

Aveva Edge — versions 0

Weakness classification (CWE)

CWE-327 — Use of a Broken or Risky Cryptographic Algorithm

References

www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/Securi…
www.cisa.gov/news-events/ics-advisories/icsa-25-317-03
github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-317-03.js…

Frequently asked questions

What is CVE-2025-9317?: CVE-2025-9317 is a high-severity vulnerability in Aveva Edge, classified under Use of a Broken or Risky Cryptographic Algorithm. CVSS score: 8.4/10. Published 2025-11-14.
How severe is CVE-2025-9317?: High severity. CVSS v3 base score is 8.4 out of 10.