
CVE-2025-47415: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in CRESTRON TOUCHSCREENS x60, x70 series

Medium
Tags: Vulnerability, CVE-2025-47415, CWE-22
Published: Tue Sep 09 2025 (09/09/2025, 19:20:35 UTC)
Source: CVE Database V5
Vendor/Project: CRESTRON
Product: TOUCHSCREENS x60, x70 series

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CRESTRON TOUCHSCREENS x70 allows Relative Path Traversal. This issue affects TOUCHSCREENS x70: from 3.000.0110.001 before 3.001.0031.001.

Confirmed affected hardware: TSW-760, TSW-1060
Confirmed affected firmware: 3.002.1061 (no fix released, product discontinued)

For x70:
Affected firmware: 3.000.0110.001 and versions below
Fixed firmware: 3.001.0031.001

AI-Powered Analysis

AILast updated: 09/09/2025, 19:28:56 UTC

Technical Analysis

CVE-2025-47415 is a path traversal vulnerability (CWE-22) affecting the CRESTRON TOUCHSCREENS x60 and x70 series, confirmed on the hardware models TSW-760 and TSW-1060. The device does not adequately restrict pathname input, so an attacker can supply relative path components (such as "../") that resolve to directories and files outside the intended restricted directory. This can lead to unauthorized reading, or potentially modification, of sensitive files on the device's filesystem. For the x70 series, firmware 3.000.0110.001 and earlier is affected and firmware 3.001.0031.001 fixes the issue. Firmware 3.002.1061 on the TSW-760 and TSW-1060 remains unfixed because those products are discontinued. The CVSS 4.0 base score is 6.8 (medium severity); the vector indicates a network attack vector (AV:N), low attack complexity (AC:L), high privileges required (PR:H), passive user interaction required (UI:P), no confidentiality impact (VC:N), high integrity impact (VI:H), no availability impact (VA:N) and no confidentiality impact on subsequent systems (SC:N). In other words, an attacker who already holds high privileges on the device, and can rely on some user interaction, can use the path traversal to read or modify files outside the intended directory and thereby compromise integrity. No known exploits are currently reported in the wild. The vulnerability matters in environments where CRESTRON touchscreens control building automation, conference rooms or other critical infrastructure, since unauthorized access to device files could lead to further compromise or disruption of services.

Potential Impact

For European organizations, especially those in sectors such as corporate offices, government buildings, educational institutions, and smart building management, this vulnerability poses a risk to operational integrity and security. CRESTRON touchscreens are widely used in conference rooms and building automation systems across Europe. Exploitation could allow attackers to manipulate device configurations or access sensitive data stored on the device, potentially leading to unauthorized control over building systems or leakage of sensitive operational information. While the vulnerability does not directly impact confidentiality, the high integrity impact means attackers could alter device behavior, causing disruptions or facilitating lateral movement within a network. Given the requirement for high privileges and user interaction, the risk is somewhat mitigated but remains relevant in environments where insider threats or targeted attacks are possible. The lack of a fix for discontinued firmware versions further complicates risk management for organizations using legacy devices.

Mitigation Recommendations

1. Upgrade affected CRESTRON touchscreen devices to firmware version 3.001.0031.001 or later where available to remediate the vulnerability.
2. For devices running discontinued firmware versions without available patches, consider device replacement or network segmentation to isolate these devices from critical network segments.
3. Implement strict access controls and monitoring on devices to prevent unauthorized users from gaining the high privileges required to exploit this vulnerability.
4. Limit user interaction possibilities that could trigger exploitation, such as restricting access to device interfaces or disabling unnecessary features that require user input.
5. Employ network-level protections such as firewall rules and intrusion detection systems to monitor and block suspicious activity targeting CRESTRON devices.
6. Conduct regular security audits and vulnerability assessments on building automation and control systems to identify and remediate similar issues proactively.
7. Educate facility management and IT staff about the risks and signs of exploitation related to these devices to enhance detection and response capabilities.
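The following is an added example, not code from the advisory or from Crestron, illustrating two points above: the CWE-22 pattern the technical analysis describes (a path joined to a restricted directory without checking where the normalised result lands) next to a hardened resolver, and the log-side check that recommendation 5 calls for. The base directory, log lines and request paths are constructed for the demonstration; nothing here reflects the device's real filesystem or endpoints.

```python
import os
import re
from urllib.parse import unquote

# Constructed base directory; the device's real restricted directory is not
# published in the advisory.
BASE_DIR = "/srv/device/www"

def resolve_vulnerable(base, requested):
    """CWE-22 pattern: user input is joined to the base directory and the
    normalised result is used without checking that it stays under base."""
    return os.path.normpath(os.path.join(base, requested))

def resolve_hardened(base, requested):
    """Decode, normalise, then require the result to stay under base.
    Returns the resolved path, or None when the request escapes base."""
    decoded = unquote(unquote(requested))            # also covers double-encoding
    candidate = os.path.normpath(os.path.join(base, decoded.lstrip("/")))
    base_norm = os.path.normpath(base)
    if candidate != base_norm and not candidate.startswith(base_norm + os.sep):
        return None
    return candidate

# Traversal indicators as they show up in access logs: plain, URL-encoded,
# double-encoded and backslash variants.
TRAVERSAL_RE = re.compile(r"(\.\.[/\\]|%2e%2e|%252e%252e|\.\.%2f|%c0%ae)", re.IGNORECASE)

def flag_traversal_requests(log_lines):
    """Return (client, path) for each common-log-format request whose path
    carries a traversal sequence, raw or after URL decoding."""
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) < 7:
            continue                                  # malformed line, skip
        client, path = parts[0], parts[6]
        if TRAVERSAL_RE.search(path) or TRAVERSAL_RE.search(unquote(path)):
            hits.append((client, path))
    return hits

# Constructed sample log lines (not real device logs).
SAMPLE_LOG = [
    '10.0.0.5 - - [09/Sep/2025:19:20:35 +0000] "GET /index.html HTTP/1.1" 200 512',
    '10.0.0.9 - - [09/Sep/2025:19:21:02 +0000] "GET /../../etc/passwd HTTP/1.1" 200 1834',
    '10.0.0.9 - - [09/Sep/2025:19:21:10 +0000] "GET /%2e%2e/%2e%2e/config/settings.xml HTTP/1.1" 403 0',
    '10.0.0.7 - - [09/Sep/2025:19:22:41 +0000] "GET /images/logo.png HTTP/1.1" 200 9120',
]

if __name__ == "__main__":
    print(resolve_vulnerable(BASE_DIR, "../../etc/passwd"))   # escapes to /srv/etc/passwd
    print(resolve_hardened(BASE_DIR, "../../etc/passwd"))     # None: rejected
    print(flag_traversal_requests(SAMPLE_LOG))
```

The hardened resolver compares canonical paths rather than searching for "..", so encoded or mixed-separator variants that normalise to an escape are rejected the same way as the plain form.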


Technical Details

Data Version
5.1
Assigner Short Name
Crestron
Date Reserved
2025-05-06T19:36:18.439Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 68c07f368d6da9cee16f97e2

Added to database: 9/9/2025, 7:25:42 PM

Last enriched: 9/9/2025, 7:28:56 PM

Last updated: 9/9/2025, 8:11:23 PM
