The vulnerability identified as CVE-2025-66573 affects mersive Solstice Pod API versions 5.5 and 6.2. It involves an unauthenticated API endpoint, specifically `/api/config`, which exposes sensitive information including the session key, server version, product details, and display name. This endpoint does not require any authentication or user interaction, allowing any remote attacker to access it and retrieve live session information. The core issue is the cleartext transmission of sensitive data (CWE-319), which violates secure communication principles and exposes session keys that could be used to hijack or impersonate legitimate sessions. The CVSS 4.0 score of 6.9 reflects a medium severity, driven by the fact that the attack vector is network-based, requires no privileges or user interaction, and impacts confidentiality. However, the vulnerability does not affect integrity or availability directly, and no known exploits have been reported in the wild yet. The lack of authentication on this endpoint represents a significant security design flaw, potentially allowing attackers to gather intelligence on the system and compromise session confidentiality. The Solstice Pod is commonly used in enterprise collaboration environments for wireless display and presentation sharing, making the exposure of session keys a critical risk for unauthorized access and data leakage.

For European organizations, this vulnerability could lead to unauthorized access to live collaboration sessions, enabling attackers to intercept or manipulate sensitive presentations or data shared via the Solstice Pod. Confidentiality is primarily impacted, as session keys and product details are exposed, potentially allowing session hijacking or unauthorized monitoring. This could result in intellectual property theft, leakage of sensitive business information, or disruption of secure communications. Organizations in sectors such as finance, government, education, and critical infrastructure that rely on Solstice Pod for secure presentations are particularly at risk. The vulnerability could also undermine trust in collaboration tools and lead to compliance issues with data protection regulations such as GDPR if sensitive information is exposed. While the vulnerability does not directly affect system availability or integrity, the potential for session compromise represents a significant operational and reputational risk.

To mitigate this vulnerability, organizations should immediately restrict network access to the `/api/config` endpoint by implementing firewall rules or network segmentation to limit exposure to trusted internal networks only. If possible, disable or restrict the API endpoint until a vendor patch or update is available. Employ strong network monitoring and intrusion detection systems to detect unusual or unauthorized access attempts to the Solstice Pod API. Enforce the use of encrypted communication channels (e.g., TLS) for all API interactions to prevent cleartext transmission of sensitive data. Regularly audit and update Solstice Pod software to the latest versions once patches addressing this vulnerability are released. Additionally, implement strict access control policies and consider multi-factor authentication for administrative interfaces to reduce the risk of unauthorized access. Educate users and administrators about the risks of exposing session keys and the importance of securing collaboration environments.