CVE-2025-56513: CVE-2025-56513

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-56513

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

NiceHash QuickMiner 6.12.0 perform software updates over HTTP without validating digital signatures or hash checks. An attacker capable of intercepting or redirecting traffic to the update url and can hijack the update process and deliver arbitrary executables that are automatically executed, resulting in full remote code execution. This constitutes a critical supply chain attack vector.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

NiceHash QuickMiner 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

NiceHash QuickMiner是NiceHash.com开源的一个加密货币矿工软件。 NiceHash QuickMiner 6.12.0版本存在安全漏洞，该漏洞源于通过HTTP执行软件更新且未验证数字签名或哈希检查，可能导致远程代码执行。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2025-56513

#	POC Description	Source Link	Shenlong Link
1	Critical supply-chain vulnerability research on NiceHash QuickMiner update mechanism (CVE-2025-56513). Includes technical analysis, attack scenarios, impact assessment, and remediation guidance.	https://github.com/psycho-prince/CVE-2025-56513-NiceHash-Update-Chain-Compromise	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-56513

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2025-56513

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2025-56513

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-56513

III. Intelligence Information for CVE-2025-56513

IV. Related Vulnerabilities

V. Comments for CVE-2025-56513

Leave a comment