CVE-2025-47416

MEDIUM

libsymproc - RCE

Title source: llm

Description

A vulnerability exists in the ConsoleFindCommandMatchList function in libsymproc. so imported by ctpd that may lead to unauthorized execution of an attacker-defined file that gets prioritized by the ConsoleFindCommandMatchList. A third-party researcher discovered that the ConsoleFindCommandMatchList enumerates the /dev/shm/symproc/c directory in alphabetical order to identify console commands. Permission levels are inferred from the integer values present in each command's file name. Confirmed Affected Hardware: TSW-760, TSW-1060 Confirmed Affected Firmware: 3.002.1061 Fixed Firmware: no fixed released (product is discontinued and end of life) For x70  The Affected Firmware:- 3.000.0110.001  and versions below The Fixed Firmware:- 3.001.0031.001

References (2)

[Various Sources] https://security.crestron.com

[Various Sources] https://www.crestron.com/Software-Firmware/Firmware/Touchpanels/TS-770-TS-1070-TSS-770-TSS-1070-TSW-570/3-002-0040-001

Scores

CVSS v4 5.9

EPSS 0.0010

EPSS Percentile 27.2%

CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-697

Status published

Products (2)

CRESTRON/Touchscreen x60s 3.002.1061

CRESTRON/TOUCHSCREEN x70 3.000.0110.001 - 3.001.0031.001

Published Sep 09, 2025

Tracked Since Feb 18, 2026