CVE-2025-49153 is a critical vulnerability in MICROSENS NMP Web+ that CISA says could let an unauthenticated attacker overwrite files and execute arbitrary code. The advisory identifies affected products as MICROSENS NMP Web+ versions up to 3.2.5 and recommends updating to version 3.3.0 for Windows and Linux.
CVE-2025-49152 is a HIGH-severity authentication/session-control issue in MICROSENS NMP Web+. According to CISA’s advisory, affected versions contain JSON Web Tokens that do not expire, which can allow an attacker to gain access to the system. MICROSENS recommends updating to NMP Web+ 3.3.0 for Windows and Linux.
