What is CVE-2025-68273?

CVE-2025-68273 is a publicly disclosed cybersecurity vulnerability with a MEDIUM severity rating and CVSS score of 5.3.

How to search for CVE vulnerabilities?

You can search the 4nuxd CVE database using CVE IDs, vendor names, product names, or severity levels.

CVE-2025-68273

MEDIUM5.3/ 10.0

Published: January 1, 2026 at 07:15 PM

Modified: January 6, 2026 at 05:58 PM

Source: security-advisories@github.com

Vulnerability Description

Signal K Server is a server application that runs on a central hub in a boat. An unauthenticated information disclosure vulnerability in versions prior to 2.19.0 allows any user to retrieve sensitive system information, including the full SignalK data schema, connected serial devices, and installed analyzer tools. This exposure facilitates reconnaissance for further attacks. Version 2.19.0 patches the issue.

CVSS Metrics

Base Score

5.3

Severity

MEDIUM

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Weaknesses (CWE)

CWE-200

Source: security-advisories@github.com

NVD-CWE-noinfo

Source: nvd@nist.gov

AI Security Analysis

01 // Technical Summary

Unauthenticated information disclosure vulnerability in Signal K Server allows attackers to retrieve sensitive system data, including the data schema, connected devices, and installed tools. This reconnaissance vulnerability enables attackers to gain critical insights into the target system, potentially leading to further exploitation and complete system compromise. Immediate patching to version 2.19.0 or later is crucial.

02 // Vulnerability Mechanism

Step 1: Reconnaissance: The attacker identifies a vulnerable Signal K Server instance, likely through port scanning or other reconnaissance techniques. Step 2: Request Construction: The attacker crafts a specific HTTP request to an endpoint known to expose sensitive information (e.g., the data schema endpoint, device listing endpoint). The request does not require any authentication credentials. Step 3: Information Retrieval: The attacker sends the crafted request to the vulnerable server. Step 4: Response Analysis: The server, lacking proper authentication, responds with the requested sensitive information, including the Signal K data schema, connected serial devices, and installed analyzer tools. Step 5: Attack Planning: The attacker analyzes the retrieved information to identify potential attack vectors, such as vulnerable devices, software versions, or misconfigurations.

03 // Deep Technical Analysis

The vulnerability stems from a lack of proper authentication and authorization checks within the Signal K Server. Specifically, the server fails to restrict access to sensitive information endpoints. The root cause is likely a missing or inadequate access control mechanism, allowing any unauthenticated user to query and retrieve internal system data. This could be due to a default configuration that exposes internal APIs or a coding error that bypasses security checks. The absence of proper input validation could also contribute to the vulnerability, potentially allowing for more sophisticated attacks beyond simple information disclosure.