CVE-2025-14097

A vulnerability in the application software of multiple Radiometer products may allow remote code execution and unauthorized device management when specific internal conditions are met. Exploitation requires that a remote connection is established with additional information obtained through other means. The issue is caused by a weakness in the analyzer’s application software.                                                                                                                                                                                                Other related CVE&amp;#39;s are CVE-2025-14095 &amp; CVE-2025-14096.                                                                                                      Affected customers have been informed about this vulnerability. This CVE is being published to provide transparency.<br /> <br /> <br /> <br /> Required Configuration for Exposure: Affected application software version is in use and remote support feature is enabled in the analyzer.                                                                                                                                                                        Temporary work Around: If the network is not considered secure, please remove the analyzer from the network.                         Permanent solution:<br /> Customers should ensure the following:<br /> • The network is secure, and access follows best practices.<br /> Local Radiometer representatives will contact all affected customers to discuss a permanent solution.                                                     <br /> Exploit Status:<br /> <br /> <br /> Researchers have provided working proof-of-concept (PoC). Radiometer is not aware of any publicly available exploits at the time of this publication.