CVE Catalog
CVE-2025-56231
CriticalCVSS 9.1Exploitation Probability (EPSS)
Low risk0.22%
13th percentile - higher than 13% of all known CVEs
Summary
Tonec Internet Download Manager 6.42.41.1 and earlier fails to validate SSL certificates, allowing attackers to bypass update protections.
Risk Assessment
An attacker can intercept and replace software updates, installing malware instead of legitimate patches, leading to system compromise.
Recommendation
Immediately update Internet Download Manager to the latest available version that includes the SSL certificate validation fix.
Original NVD description (English source)
Tonec Internet Download Manager 6.42.41.1 and earlier suffers from Missing SSL Certificate Validation, which allows attackers to bypass update protections.

