HIGH
Viessmann
CVE published 2025-09-23
CVE-2025-9495
CVE-2025-9495 affects Viessmann Vitogate 300. CISA describes a weakness where the server relies on client-side protection mechanisms; an attacker can modify client behavior to bypass those protections and trigger unintended client-server interactions. Viessmann’s remediation guidance says the issue is resolved in software version 3.1.0.1 or newer.