Ericsson Indoor Connect 8855 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Ericsson Indoor Connect 8855 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2025-27261 — CVSS 9.8 (critical): Ericsson Indoor Connect 8855 contains an SQL injection vulnerability which if exploited can result in unauthorized disclosure or…
CVE-2025-40836 — CVSS 9.8 (critical): Ericsson Indoor Connect 8855 contains an improper input validation vulnerability which if exploited can allow an attacker to execute…
CVE-2025-40837 — CVSS 8.8 (high): Ericsson Indoor Connect 8855 contains a missing authorization vulnerability which if exploited can allow access to the system as a user…
CVE-2025-27262 — CVSS 7.8 (high): Ericsson Indoor Connect 8855 contains a command injection vulnerability which if exploited can result in an escalation of privileges.
CVE-2025-27260 — CVSS 7.5 (high): Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special Elements vulnerability which, if…
CVE-2025-40838 — CVSS 7.5 (high): Ericsson Indoor Connect 8855 contains a vulnerability where server-side security can be bypassed in the client which if exploited can lead…
CVE-2025-40842 — CVSS 6.1 (medium): Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Scripting (XSS) vulnerability which, if exploited, can lead to…
CVE-2025-40841 — CVSS 4.3 (medium): Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Request Forgery (CSRF) vulnerability which, if exploited, can…