CVE-2025-13087

Sažetak

A vulnerability exists in the Opto22 Groov Manage REST API on GRV-EPIC and groov RIO Products that allows remote code execution with root privileges. When a POST request is executed against the vulnerable endpoint, the application reads certain header details and unsafely uses these values to build commands, allowing an attacker with administrative privileges to inject arbitrary commands that execute as root.

Reference

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-324-03.json
https://www.cisa.gov/news-events/ics-advisories/icsa-25-324-03
https://www.opto22.com/support/resources-tools/knowledgebase/kb91326

CVSS

Base:	6.2
Impact:	5.5
Exploitability:	0.7

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	HIGH

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	LOW

CVSS vektor

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L

Zadnje važnije ažuriranje

20-11-2025 - 22:15

Objavljeno

20-11-2025 - 22:15