Browse all 5 CVE security advisories affecting Radiflow. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Radiflow specializes in industrial control system (ICS) and operational technology (OT) security, providing network monitoring and protection for critical infrastructure. Historically, their products have been associated with several remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues. The company has faced scrutiny for security weaknesses in its security information and event management (SIEM) solutions and industrial protocol analyzers. While no major public incidents have been widely reported, the presence of five CVEs indicates ongoing challenges in securing their OT-focused offerings against evolving threats in increasingly connected industrial environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-3499 | Unauthenticated execution of arbitrary commands in Radiflow iSAP Smart Collector — iSAP Smart CollectorCWE-78 | 10.0 | Critical | 2025-07-09 |
| CVE-2025-3498 | Unauthenticated modification of Radiflow iSAP Smart Collector configuration — iSAP Smart CollectorCWE-306 | 9.9 | Critical | 2025-07-09 |
| CVE-2025-3497 | Radiflow iSAP Smart Collector Linux distribution unmaintained — iSAP Smart CollectorCWE-1104 | 8.7 | High | 2025-07-09 |
| CVE-2025-27028 | Read access of deprivileged Radiflow iSAP Smart Collector user — iSAP Smart CollectorCWE-266 | 6.8 | Medium | 2025-07-09 |
| CVE-2025-27027 | Restricted shell evasion in Radiflow iSAP Smart Collector — iSAP Smart CollectorCWE-653 | 4.1 | Medium | 2025-07-09 |
This page lists every published CVE security advisory associated with Radiflow. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.