CVE-2025-0739
Published: 30 January 2025
Summary
CVE-2025-0739 is a high-severity Improper Access Control (CWE-284) vulnerability in Thesamur Embedai. Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 23.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as Enterprise AI Assistants; in the Privacy and Disclosure risk domain.
The strongest mitigations our analysis identified are NIST 800-53 AC-24 (Access Control Decisions) and AC-3 (Access Enforcement).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
AC-3 enforces approved authorizations for logical access to subscription information, directly preventing authenticated attackers from viewing other users' data by manipulating the SUBSCRIPTION_ID parameter.
AC-24 authorizes access to specific system resources like subscriptions using security attributes such as user ownership, mitigating unauthorized disclosure via IDOR.
AC-6 applies least privilege to restrict authenticated users to only their own subscription data, reducing the impact of improper access enforcement.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
CVE-2025-0739 is an improper access control (IDOR) vulnerability in a public-facing web application, enabling exploitation for initial access or post-auth data disclosure (T1190). It facilitates cloud account discovery (T1087.004) by allowing manipulation of the subscription ID parameter to access other users' subscription information.
NVD Description
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to show subscription's information of others users by changing the "SUSCBRIPTION_ID" param of the endpoint "/demos/embedai/subscriptions/show/<SUSCBRIPTION_ID>".
Deeper analysisAI
CVE-2025-0739 is an Improper Access Control vulnerability (CWE-284) affecting EmbedAI version 2.1 and below. The issue resides in the endpoint "/demos/embedai/subscriptions/show/<SUSCBRIPTION_ID>", where insufficient controls allow manipulation of the SUSCBRIPTION_ID parameter. It has a CVSS v3.1 base score of 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N), indicating high severity due to network accessibility, low attack complexity, no required privileges or user interaction, and changed scope with high confidentiality impact.
An authenticated attacker can exploit this vulnerability by altering the SUSCBRIPTION_ID parameter in the specified endpoint to access and view subscription information belonging to other users. This enables unauthorized exposure of sensitive subscription details without impacting integrity or availability.
The primary advisory is published by INCIBE-CERT, detailing multiple vulnerabilities in EmbedAI, including this issue, available at https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai. Practitioners should consult this notice for additional context and recommended mitigations.
Details
- CWE(s)
Affected Products
AI Security AnalysisAI
- AI Category
- Enterprise AI Assistants
- Risk Domain
- Privacy and Disclosure
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- EmbedAI is a tool for creating chatbots, explicitly tagged with 'Artificial intelligence' in the advisory, and provides features like embedding AI chatbots with subscriptions, chats, and files, aligning with Enterprise AI Assistants platforms.