CVE-2025-0745
Published: 30 January 2025
Summary
CVE-2025-0745 is a high-severity Improper Access Control (CWE-284) vulnerability in Thesamur Embedai. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 23.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as Enterprise AI Assistants; in the Privacy and Disclosure risk domain.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-22 (Publicly Accessible Content).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Enforces approved access control policies to prevent unauthorized retrieval of sensitive database backups via the vulnerable endpoint.
Limits access to database backups to the minimum privileges required, mitigating exploitation by authenticated or low-privileged attackers.
Restricts public access to sensitive system-generated content like database backups exposed through web endpoints.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The improper access control vulnerability in the web application enables exploitation of a public-facing application (T1190) and unauthorized collection of sensitive data from database backups (T1213.006).
NVD Description
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to obtain the backups of the database by requesting the "/embedai/app/uploads/database/<SQL_FILE>" endpoint.
Deeper analysisAI
CVE-2025-0745 is an Improper Access Control vulnerability (CWE-284) affecting EmbedAI versions 2.1 and below. Published on 2025-01-30, it enables access to database backups via the "/embedai/app/uploads/database/<SQL_FILE>" endpoint. The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact with network accessibility, low attack complexity, no privileges or user interaction required, and unchanged scope.
An authenticated attacker can exploit this vulnerability by directly requesting the vulnerable endpoint, allowing them to obtain sensitive database backups. This exposure could reveal critical data stored in the database, such as user information or application configurations, depending on the contents of the SQL files.
The INCIBE-CERT advisory at https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai provides details on this and other vulnerabilities in EmbedAI, including recommendations for mitigation. Security practitioners should consult the advisory for patching instructions and workarounds specific to affected deployments.
Details
- CWE(s)
Affected Products
AI Security AnalysisAI
- AI Category
- Enterprise AI Assistants
- Risk Domain
- Privacy and Disclosure
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- EmbedAI is a tool for creating chatbots, which aligns with Enterprise AI Assistants as it provides a platform for building and deploying AI-powered conversational agents.