GCVE - cpe:2.3:a:crestron:touchscreens_x70:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:crestron:touchscreens_x70:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Crestron (`c3f889c7-b88c-556e-9a5e-f70525099cf1`)
Product	Touchscreens X70 (`afa39e9b-1e5c-535f-b65a-ac8ad1f8ff40`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-47421`	vulnerable	2026-06-03 15:01:32.694325	Privilege escalation via SCP login Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in CRESTRON TOUCHSCREENS x70 allows Argument Injection.This issue affects TOUCHSCREENS x70: from 3.001.0031.001 through 3.001.0034.001. A specially crafted SCP command sent via SSH login string can lead a valid administrator user to gain Privileged Operating System access on the device. Following Products Models are affected: TSW-x70 TSW-x60 TST-1080 AM-3000/3100/3200 Soundbar VB70 HD-PS622/621/402 HD-TXU-RXU-4kZ-211 HD-MDNXM-4KZ-E *Note: additional firmware updates will be published once made available Published: 2025-09-03T13:49:40.856Z Updated: 2025-09-03T13:59:32.186Z Open on db.gcve.eu Reference links https://security.crestron.com https://https://www.crestron.com/Software-Firmware/Firmware/Touchpanels/TS-770-TS-1070-TSS-770-TSS-1070-TSW-570/3-002-0040-001 https://https://www.crestron.com/release_notes/tsw-xx70_3.002.0040.001_release_notes.pdf	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.