Platform: other
Component: kyocera-net-admin
CVE-2019-25254 describes a cross-site request forgery (CSRF) vulnerability discovered in KYOCERA Net Admin version 3.4.0906. This flaw allows attackers to create new administrative users without proper request validation, potentially leading to unauthorized access and control of the network device. Affected users should prioritize upgrading to a patched version or implementing mitigating controls. The vulnerability was publicly disclosed on December 24, 2025.
The primary impact of CVE-2019-25254 is the ability for an attacker to create new administrative accounts on a vulnerable KYOCERA Net Admin system. This can be achieved by crafting malicious web pages that automatically submit forms with predefined credentials when a legitimate, logged-in user visits the page. Successful exploitation grants the attacker full administrative privileges, enabling them to modify configurations, access sensitive data, and potentially compromise the entire network. The blast radius extends to any systems accessible through the compromised network device, and the lack of validation makes this vulnerability particularly dangerous.
CVE-2019-25254 has been publicly disclosed. There is no indication of active exploitation campaigns at this time. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available, but the CSRF nature of the vulnerability makes it relatively easy to exploit with basic web development skills.
Exploit Status
EPSS: 0.01% (2% percentile)
The recommended mitigation for CVE-2019-25254 is to upgrade KYOCERA Net Admin to a patched version as soon as it becomes available. If an immediate upgrade is not possible, implement a Web Application Firewall (WAF) with CSRF protection rules to filter malicious requests. Additionally, enforce strong password policies and multi-factor authentication for all administrative accounts to limit the impact of a successful attack. Regularly review access logs for suspicious activity and consider implementing stricter input validation on administrative forms.
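The following is an added example, not code from KYOCERA Net Admin or from this advisory, showing the server-side checks that close the class of flaw described above: a state-changing request is accepted only when it carries a per-session anti-CSRF token and arrives from the console's own origin. The admin origin, request shape, and sample requests are all constructed for illustration; the "forged" request models the auto-submitted cross-site form from the impact section and is rejected before any account is created.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

# Hypothetical origin of the admin console (constructed; not a real Net Admin URL).
ADMIN_ORIGIN = "https://netadmin.example.internal"


@dataclass
class Session:
    """Authenticated session; the CSRF token is bound to it, never to the user agent."""
    user: str
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


@dataclass
class Request:
    method: str
    path: str
    headers: dict
    form: dict
    session: Optional[Session]


def session_cookie_header(session_id: str) -> str:
    """Cookie attributes that stop browsers attaching the session to cross-site POSTs."""
    return f"session={session_id}; Secure; HttpOnly; SameSite=Lax; Path=/"


def _same_origin(value: str) -> bool:
    # Origin is scheme://host[:port]; Referer is a full URL, so allow a trailing path.
    return value == ADMIN_ORIGIN or value.startswith(ADMIN_ORIGIN + "/")


def check_csrf(req: Request):
    """Return (accepted, reason). Only state-changing methods are gated."""
    if req.method not in ("POST", "PUT", "PATCH", "DELETE"):
        return True, "safe method"
    if req.session is None:
        return False, "no authenticated session"
    origin = req.headers.get("Origin") or req.headers.get("Referer")
    if origin is None or not _same_origin(origin):
        return False, "origin mismatch"
    token = req.form.get("csrf_token", "")
    # Constant-time compare against the token issued with this session.
    if not hmac.compare_digest(token, req.session.csrf_token):
        return False, "missing or invalid CSRF token"
    return True, "ok"


def create_admin_user(req: Request, users: dict):
    """Hypothetical 'add administrator' handler guarded by check_csrf."""
    accepted, reason = check_csrf(req)
    if not accepted:
        return 403, f"rejected: {reason}"
    username = req.form.get("username", "")
    if not username:
        return 400, "username required"
    users[username] = {"role": "admin", "created_by": req.session.user}
    return 201, f"created {username}"


def run_demo():
    """Replay constructed requests; returns {label: (status, message)}."""
    users = {}
    admin = Session(user="alice")
    legit = Request("POST", "/users/add",
                    {"Origin": ADMIN_ORIGIN},
                    {"username": "helpdesk-admin", "csrf_token": admin.csrf_token},
                    admin)
    # Cross-site auto-submitted form: browser adds the victim's session, but the
    # Origin is the attacker page and the token is unknown to that page.
    forged = Request("POST", "/users/add",
                     {"Origin": "https://evil.example"},
                     {"username": "backdoor"},
                     admin)
    # Same origin but token omitted (e.g. a script that skipped the hidden field).
    no_token = Request("POST", "/users/add",
                       {"Origin": ADMIN_ORIGIN},
                       {"username": "backdoor"},
                       admin)
    return {
        "legit": create_admin_user(legit, users),
        "forged": create_admin_user(forged, users),
        "no_token": create_admin_user(no_token, users),
        "users": sorted(users),
    }


if __name__ == "__main__":
    for label, result in run_demo().items():
        print(label, result)
```

The origin check alone is not sufficient (some clients omit both headers, and a proxy may strip them), and the token alone does not help if the session cookie is sent on cross-site navigations, so the three controls are layered: `SameSite=Lax` on the cookie, an Origin/Referer check, and a session-bound token compared in constant time.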
Update to a patched version of KYOCERA Net Admin. Consult the Kyocera page for information on available updates and mitigation instructions.
CVE-2019-25254 is a cross-site request forgery vulnerability in KYOCERA Net Admin 3.4.0906 that allows attackers to create admin users without validation, potentially gaining control of the device.
If you are running KYOCERA Net Admin version 3.4.0906, you are potentially affected by this vulnerability. Upgrade as soon as possible.
The primary fix is to upgrade to a patched version of KYOCERA Net Admin. If upgrading is not immediately possible, implement WAF rules and strong access controls.
There is currently no evidence of active exploitation, but the vulnerability's nature makes it easily exploitable.
Please refer to the KYOCERA security advisories page for the latest information and updates regarding CVE-2019-25254.