CVE-2025-7024

HIGH 7.3

Local privilege escalation in Windows Server OS through installed Tetra Connectivity Server (TCS)

CVSS Score

7.3

EPSS Score

0.0%

EPSS Percentile

0th

Incorrect Default Permissions vulnerability in AIRBUS PSS TETRA Connectivity Server on Windows Server OS allows Privilege Abuse. An attacker may execute arbitrary code with SYSTEM privileges if a user is tricked or directed to place a crafted file into the vulnerable directory. This issue affects TETRA connectivity Server: 7.0. Vulnerability fix is available and delivered to impacted customers.

CWE	CWE-276
Vendor	airbus
Product	tetra connectivity server (tcs)
Published	Apr 3, 2026
Last Updated	Apr 3, 2026

Stay Ahead of the Next One

Get instant alerts for airbus tetra connectivity server (tcs)

Be the first to know when new high vulnerabilities affecting airbus tetra connectivity server (tcs) are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

AIRBUS / TETRA Connectivity Server (TCS)

7.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

cwe.mitre.org: https://cwe.mitre.org/data/definitions/276.html

Credits

Erkan Ekici