
CVE-2025-64302: CWE-79 in Advantech DeviceOn/iEdge

Severity: Medium
Tags: Vulnerability, CVE-2025-64302, CWE-79
Published: Thu Nov 06 2025 (11/06/2025, 22:24:15 UTC)
Source: CVE Database V5
Vendor/Project: Advantech
Product: DeviceOn/iEdge

Description

Insufficient input sanitization in the dashboard label or path can allow an attacker to trigger a device error causing information disclosure or data manipulation.

AI-Powered Analysis

Last updated: 11/06/2025, 22:50:59 UTC

Technical Analysis

CVE-2025-64302 is a vulnerability classified under CWE-79 (Cross-Site Scripting) found in Advantech's DeviceOn/iEdge platform, a solution commonly used for industrial device management and IoT edge computing. The root cause is insufficient input sanitization on user-controllable fields such as dashboard labels or paths. This flaw allows an attacker to inject malicious scripts or crafted input that triggers device errors. Exploitation can lead to limited information disclosure and unauthorized data manipulation within the device management interface. The vulnerability requires low privileges (PR:L) but no user interaction (UI:N), and can be exploited remotely over the network (AV:N). The scope is changed (S:C), meaning the vulnerability affects resources beyond the initially vulnerable component. The CVSS v3.1 base score is 6.4, indicating medium severity with impacts on confidentiality and integrity but no availability impact. No patches or exploits are currently known, but the vulnerability poses a risk especially in environments where DeviceOn/iEdge is deployed to manage critical industrial assets. The lack of input sanitization suggests that attackers could craft payloads to manipulate device behavior or extract sensitive information from the dashboard interface, potentially undermining operational integrity.

Potential Impact

For European organizations, particularly those in industrial automation, manufacturing, and critical infrastructure sectors, this vulnerability could lead to unauthorized data manipulation and partial information disclosure. Such impacts may disrupt operational decision-making or expose sensitive configuration details to attackers. Since DeviceOn/iEdge is used to manage edge devices and IoT endpoints, exploitation could undermine the integrity of device management processes, potentially cascading into broader operational disruptions. The medium severity score reflects that while availability is not directly impacted, confidentiality and integrity breaches could facilitate further attacks or espionage. Organizations relying on Advantech solutions for industrial control systems (ICS) or IoT deployments in Europe must consider the risk of targeted attacks exploiting this vulnerability, especially given the strategic importance of industrial sectors in countries like Germany and France. The absence of known exploits currently reduces immediate risk but does not eliminate the threat, as attackers may develop exploits once details become widely known.

Mitigation Recommendations

1. Implement strict input validation and sanitization on all user inputs, especially dashboard labels and path parameters, to prevent injection of malicious scripts.
2. Restrict access to the DeviceOn/iEdge dashboard to trusted networks and authenticated users with the minimum required privileges.
3. Monitor device logs and network traffic for unusual activity or error patterns that could indicate exploitation attempts.
4. Employ web application firewalls (WAFs) with rules targeting common XSS attack vectors to provide an additional layer of defense.
5. Coordinate with Advantech for timely patches or updates addressing this vulnerability once available.
6. Conduct regular security assessments and penetration testing focused on the management interfaces of industrial IoT platforms.
7. Segment industrial networks to isolate critical device management systems from general IT infrastructure, limiting attack surface.
8. Educate operational technology (OT) personnel about the risks of input-based attacks and the importance of secure configuration practices.


Technical Details

Data Version: 5.2
Assigner Short Name: icscert
Date Reserved: 2025-11-05T16:45:22.684Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 690d258e790724a13ccd5552

Added to database: 11/6/2025, 10:47:42 PM

Last enriched: 11/6/2025, 10:50:59 PM

Last updated: 11/7/2025, 5:53:53 AM
