CVE-2025-2819

There is a risk of unauthorized file uploads in GT-SoftControl and potential file overwrites due to insufficient validation in the file selection process. This could lead to data integrity issues and unauthorized access by an authenticated privileged user.

CVSS v3 6.6 MEDIUM

6.6^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 4.7

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://www.bizerba.com/downloads/global/information-security/2025/bizerba-sa-2025-0001.pdf

Configurations

No configuration.

History

27 Mar 2025, 16:45

Type	Values Removed	Values Added
Summary		(es) Existe el riesgo de cargas no autorizadas de archivos en GT-SoftControl y posibles sobrescrituras de archivos debido a una validación insuficiente en el proceso de selección. Esto podría generar problemas de integridad de los datos y acceso no autorizado por parte de un usuario con privilegios autenticados.

26 Mar 2025, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-26 15:16

Updated : 2025-03-27 16:45

NVD link : CVE-2025-2819

Mitre link : CVE-2025-2819

CVE.ORG link : CVE-2025-2819

JSON object : View

Products Affected

No product.

CWE

CWE-434

Unrestricted Upload of File with Dangerous Type

6.6 /10