{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-9998","assignerOrgId":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","state":"PUBLISHED","assignerShortName":"arcinfo","dateReserved":"2025-09-04T16:34:22.785Z","datePublished":"2025-09-05T16:40:13.645Z","dateUpdated":"2026-02-26T07:54:07.047Z"},"containers":{"cna":{"affected":[{"defaultStatus":"affected","modules":["Networking"],"product":"PcVue","vendor":"arcinfo","versions":[{"lessThanOrEqual":"16.3.3","status":"affected","version":"16.0.0","versionType":"cpe"},{"lessThanOrEqual":"15.2.12","status":"affected","version":"15.0.0","versionType":"cpe"},{"lessThanOrEqual":"12.0.31","status":"affected","version":"12.0.0","versionType":"cpe"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionEndIncluding":"16.3.3","versionStartIncluding":"16.0.0","vulnerable":true},{"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionEndIncluding":"15.2.12","versionStartIncluding":"15.0.0","vulnerable":true},{"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionEndIncluding":"12.0.31","versionStartIncluding":"12.0.0","vulnerable":true}],"negate":false,"operator":"OR"}],"operator":"OR"}],"credits":[{"lang":"en","type":"finder","value":"Guillaume André (Synacktiv)"},{"lang":"en","type":"finder","value":"Pierre Gertner (Synacktiv)"}],"datePublic":"2025-09-04T22:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"The sequence of packets received by a Networking server are not correctly checked.<br><br>An attacker could exploit this vulnerability to send specially crafted messages to force the application to stop.<br>"}],"value":"The sequence of packets received by a Networking server are not correctly checked.\n\nAn attacker could exploit this vulnerability to send specially crafted messages to force the application to stop."}],"exploits":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"No POC available."}],"value":"No POC available."},{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Not known to be exploited"}],"value":"Not known to be exploited"}],"metrics":[{"cvssV4_0":{"Automatable":"YES","Recovery":"USER","Safety":"NOT_DEFINED","attackComplexity":"HIGH","attackRequirements":"NONE","attackVector":"ADJACENT","baseScore":6,"baseSeverity":"MEDIUM","exploitMaturity":"NOT_DEFINED","privilegesRequired":"NONE","providerUrgency":"GREEN","subAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:U/RE:M/U:Green","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"MODERATE"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]},{"other":{"content":{"options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CNA","version":"2.0.3"},"type":"ssvc"},"scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-754","description":"CWE-754 Improper Check for Unusual or Exceptional Conditions","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","shortName":"arcinfo","dateUpdated":"2026-02-26T07:54:07.047Z"},"references":[{"tags":["vendor-advisory"],"url":"https://www.pcvue.com/security/#SB2025-4"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<b>Harden the configuration</b><br><u>Who should apply this recommendation:</u> All users<br>To reduce the risk of exploitation, ARC Informatique strongly recommends implementing the following defensive measures:<br><ul><li>Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from unsecure networks.</li><li>Locate control system networks and remote devices behind firewalls and isolate them from business networks.</li><li>When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.</li></ul><br><b>Update PcVue</b><br><u>Who should apply this recommendation:</u> All users running affected components.<br>Apply the patch by installing a fixed PcVue version.<br><br><b>A fixed release must be installed on all stations for the fix to be fully applied.</b><br>Existing projects require a settings update for the fix to be applied. The complete update procedure and verification steps are described in the Knowledge Base article KB1254\n\n(<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.pcvue.com/?post_type=post&amp;s=&amp;kbase_id=kb1254\">https://www.pcvue.com/?post_type=post&amp;s=&amp;kbase_id=kb1254</a>)\n\n.<br>For new projects, the settings are configured by default with secured values.<br><br>To verify that the patch has been applied correctly, the user must check that:<br><ul><li>The <i>File version</i> property of the file <i>./bin/sv32.exe</i> matches the deployed release or later, and ensure that any earlier release is no longer used;</li><li>The <i>Interoperability issues</i> settings of the Networking feature are disabled.</li></ul><br><br>\n\n<b>Available patches:</b><br>Patch provided in:<br><ul><li>PcVue 16.3.4 (16.3.4902.3112)</li><li>PcVue 15.2.13 (15.2.13902.37126)</li><li>PcVue 12.0.32 (12.0.32900.37130)</li></ul>"}],"value":"Harden the configuration\nWho should apply this recommendation: All users\nTo reduce the risk of exploitation, ARC Informatique strongly recommends implementing the following defensive measures:\n  *  Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from unsecure networks.\n  *  Locate control system networks and remote devices behind firewalls and isolate them from business networks.\n  *  When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.\n\n\n\nUpdate PcVue\nWho should apply this recommendation: All users running affected components.\nApply the patch by installing a fixed PcVue version.\n\nA fixed release must be installed on all stations for the fix to be fully applied.\nExisting projects require a settings update for the fix to be applied. The complete update procedure and verification steps are described in the Knowledge Base article KB1254\n\n( https://www.pcvue.com/?post_type=post&s=&kbase_id=kb1254 )\n\n.\nFor new projects, the settings are configured by default with secured values.\n\nTo verify that the patch has been applied correctly, the user must check that:\n  *  The File version property of the file ./bin/sv32.exe matches the deployed release or later, and ensure that any earlier release is no longer used;\n  *  The Interoperability issues settings of the Networking feature are disabled.\n\n\n\n\n\n\nAvailable patches:\nPatch provided in:\n  *  PcVue 16.3.4 (16.3.4902.3112)\n  *  PcVue 15.2.13 (15.2.13902.37126)\n  *  PcVue 12.0.32 (12.0.32900.37130)"}],"source":{"advisory":"SB2025-4","discovery":"EXTERNAL"},"title":"Improper validation of packets sequencing","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-09-05T17:51:03.059305Z","id":"CVE-2025-9998","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-09-05T17:51:49.768Z"}}]}}