Critical vulnerabilities in Microsens NMP Web+ product could allow hackers to gain full control of industrial systems through forged tokens and arbitrary file execution. These flaws affect many organizations worldwide, including those in the critical manufacturing sector. #CVE-2025-49151 #CVE-2025-49153 #Microsens
Keypoints
- Microsens NMP Web+ product has two critical and one high-severity vulnerabilities.
- The vulnerabilities enable unauthenticated attackers to forge JSON Web Tokens and execute arbitrary code.
- Exploiting these flaws can give attackers full system control without prior credentials.
- Patch updates are available in version 3.3.0 for Windows and Linux to fix the issues.
- Many instances exposed to the internet are at risk, especially in industrial and manufacturing sectors.
Read More: https://www.securityweek.com/critical-microsens-product-flaws-allow-hackers-to-go-from-zero-to-hero/