Missing Support for Integrity Check

CVE-2025-48500

High

7/10

Summary

A missing file integrity check vulnerability exists on MacOS F5 VPN browser client installer that may allow a local, authenticated attacker with access to the local file system to replace it with a malicious package installer. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-353 - Missing Support for Integrity Check

The software uses a transmission protocol that does not include a mechanism for verifying the integrity of the data during transmission, such as a checksum.

References

Advisory Timeline

Published Aug 13, 2025

Missing Support for Integrity Check

CVE-2025-48500

Summary

CWE-353 - Missing Support for Integrity Check

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS