What is CVE-2025-22960?

A session hijacking vulnerability in the GatesAir Maxiva UAXT, VAXT transmitters allows unauthenticated attackers to access sensitive session information. Organizations must prioritize patching to mitigate risks associated with unauthorized access and privilege escalation.

What is the severity of CVE-2025-22960?

CVE-2025-22960 has a severity rating of HIGH with a CVSS base score of 8.

CVE-2025-22960 | High Vulnerability in GatesAir Maxiva UAXT, VAXT Transmitters

A session hijacking vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters. Unauthenticated attackers can access exposed log files (/logs/debug/xteLog*), potentially revealing sensitive session-related information such as session IDs (sess_id) and authentication success tokens (user_check_password OK). Exploiting this flaw could allow attackers to hijack active sessions, gain unauthorized access, and escalate privileges on affected devices. This vulnerability is classified as high severity with a CVSS score of 8.

Risk to organizations includes the potential for unauthorized access to sensitive operations, which can lead to significant operational disruptions and data breaches. The urgency to address this vulnerability is high, as it may expose critical infrastructure to attacks that could escalate privileges and compromise the integrity of the systems.

As this vulnerability is deferred, it is crucial for security teams to monitor for updates from the vendor and prepare for remediation. Organizations should prioritize patching immediately.

Understanding the implications of this vulnerability and implementing timely security measures will be essential in mitigating risks associated with session hijacking attacks.

Vulnerability Details

The vulnerability allows unauthenticated attackers to access sensitive log files, potentially compromising session information. The CVSS score of 8 indicates a high severity level, reflecting the significant risk posed by this vulnerability. The exploitability is high, and affected products include GatesAir Maxiva UAXT and VAXT transmitters. The CWE classification for this vulnerability is CWE-200.

Technical Analysis

The root cause of this vulnerability is the improper management of session information within the web-based management interface. Attackers can exploit this vulnerability through a network attack vector, requiring low complexity and low privileges to execute. User interaction is necessary, as attackers must access the exposed log files to retrieve sensitive information. The impact on confidentiality, integrity, and availability is high, as successful exploitation can lead to unauthorized access and privilege escalation.

Risk & Impact Analysis

Organizations deploying GatesAir Maxiva UAXT and VAXT transmitters face considerable risk if this vulnerability is exploited. The potential for unauthorized access and privilege escalation poses a threat to critical operations and the integrity of sensitive information. Given the high CVSS score, organizations should address this vulnerability in their priority patch cycle.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions prior to vendor patch are affected by this vulnerability in the GatesAir Maxiva UAXT and VAXT transmitters.

Mitigation & Remediation

Organizations should prioritize patching immediately. Upgrade to the latest version of GatesAir Maxiva UAXT and VAXT transmitters to resolve this vulnerability. Additionally, hardening configurations and implementing network controls can mitigate exposure to this risk. Continuous monitoring for unauthorized access attempts should be established to detect any exploitation attempts promptly.

Detection Guidance

Monitor logs for indicators of unauthorized access. Behavioral anomalies in user sessions should be flagged for further investigation. Network signatures that correlate with known attack patterns can help in identifying potential exploitation. System changes should be closely monitored to detect any unauthorized modifications.

AppSecure Threat Intelligence Insight

This vulnerability highlights the ongoing risks associated with session management in web applications. Organizations should continuously evaluate their session management practices and implement robust security measures to protect against similar vulnerabilities. For effective security management, organizations can consider engaging in penetration testing to identify weaknesses in their systems.

Additionally, organizations are encouraged to follow the latest security trends and best practices to enhance their defenses against evolving threats. For more insights, refer to our resources on penetration testing methodology and vulnerability management program design to strengthen their security posture.

This ongoing analysis of vulnerabilities such as CVE-2025-22960 is crucial for maintaining an effective cybersecurity strategy.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-22960: High Vulnerability in GatesAir Maxiva UAXT, VAXT Transmitters