CVE-2025-10226
Published: 10 September 2025
Summary
CVE-2025-10226 is a critical-severity vulnerability in AxxonSoft Axxon One; its weakness type is not specified in the summary entry (the NVD description classifies it as CWE-1395). Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The vulnerability ranks in the top 29.4% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SA-22 (Unsupported System Components).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Directly requires timely remediation of known flaws in third-party components, such as the multiple CVEs in the PostgreSQL v10.x build used by Axxon One.
- RA-5 mandates vulnerability scanning to identify and prioritize the outdated PostgreSQL v10.x components containing exploitable CVEs.
- SA-22 prohibits use of unsupported system components such as PostgreSQL v10.x, which harbors unresolved vulnerabilities enabling remote exploitation.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes unauthenticated remote exploitation of a public-facing PostgreSQL backend component (CWE-1395) leading directly to RCE and privilege escalation. This maps to T1190 (Exploit Public-Facing Application) for the initial network exploitation vector and to T1068 (Exploitation for Privilege Escalation) for the resulting escalation.
NVD Description
Dependency on Vulnerable Third-Party Component (CWE-1395) in the PostgreSQL backend in AxxonSoft Axxon One (C-Werk) 2.0.8 and earlier on Windows and Linux allows a remote attacker to escalate privileges, execute arbitrary code, or cause denial-of-service via exploitation of multiple known CVEs present in PostgreSQL v10.x, which are resolved in PostgreSQL 17.4.
Deeper analysis
CVE-2025-10226 is a Dependency on Vulnerable Third-Party Component vulnerability (CWE-1395) in the PostgreSQL backend of AxxonSoft Axxon One (C-Werk) version 2.0.8 and earlier, affecting deployments on both Windows and Linux. The flaw arises from the product's reliance on PostgreSQL v10.x, a release line carrying multiple known CVEs that enable exploitation; the underlying issues are resolved in PostgreSQL 17.4. The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical.
A remote attacker requires no privileges, user interaction, or special access and can exploit the vulnerability over the network with low attack complexity. Successful exploitation allows privilege escalation, arbitrary code execution, or denial-of-service against the affected Axxon One instance.
For mitigation guidance, refer to AxxonSoft's security advisories at https://www.axxonsoft.com/legal/axxonsoft-vulnerability-disclosure-policy/security-advisories and PostgreSQL release documentation at https://www.postgresql.org/docs/release, which detail patches and upgrades addressing the vulnerable PostgreSQL v10.x components.
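The RA-5 and SA-22 controls above come down to one practical question: which Axxon One hosts are still running the PostgreSQL v10.x backend? The following Python script is an added example, not AxxonSoft's or PostgreSQL's own tooling. The only fact it takes from this advisory is the fixed release (PostgreSQL 17.4); the host names, banners and the way the banner is collected (`psql -At -c "SELECT version()"` or `pg_config --version`, run on each host) are assumptions for illustration.

```python
"""Flag Axxon One PostgreSQL backends that predate the fixed release.

Added example, not AxxonSoft code. The fixed version (PostgreSQL 17.4) is taken
from the advisory; everything else (hosts, banners, how the banner is collected)
is assumed. Feed it the text returned by `SELECT version()`, for example via
`psql -At -c "SELECT version()"`, or the first line of `pg_config --version`.
"""
import re
from typing import Dict, Optional, Tuple

# Per the advisory, the CVEs carried by PostgreSQL v10.x are resolved in 17.4.
FIXED_VERSION: Tuple[int, int] = (17, 4)

# Matches "PostgreSQL 10.23 on ..." and "PostgreSQL 17.4 on ...". A pre-release
# tag such as "PostgreSQL 17beta1" has no minor component and parses as (17, 0).
_VERSION_RE = re.compile(r"PostgreSQL\s+(\d+)(?:\.(\d+))?")


def parse_pg_version(banner: str) -> Optional[Tuple[int, int]]:
    """Return (major, minor) from a version banner, or None if unrecognised."""
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2) or 0)


def assess_backend(banner: str) -> Dict[str, object]:
    """Classify one backend as 'vulnerable', 'ok' or 'unknown' against FIXED_VERSION."""
    ver = parse_pg_version(banner)
    if ver is None:
        # Unreachable hosts and garbage output must surface as findings, not be skipped.
        return {"version": None, "status": "unknown",
                "reason": "could not parse a PostgreSQL version from the banner"}
    if ver < FIXED_VERSION:
        return {"version": ver, "status": "vulnerable",
                "reason": "%d.%d predates %d.%d, the release the advisory names as "
                          "resolving the v10.x CVEs" % (ver + FIXED_VERSION)}
    return {"version": ver, "status": "ok", "reason": "at or above the fixed release"}


def audit(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map host -> status for a {host: banner} inventory collected from each server."""
    return {host: str(assess_backend(banner)["status"]) for host, banner in inventory.items()}


if __name__ == "__main__":
    # Constructed sample banners; not captured from real systems.
    sample = {
        "vms-01.example.internal": "PostgreSQL 10.23 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 8.5.0, 64-bit",
        "vms-02.example.internal": "PostgreSQL 17.4 on x86_64-windows, compiled by msvc, 64-bit",
        "vms-03.example.internal": "psql: error: connection refused",
    }
    for host, status in audit(sample).items():
        print("%s: %s" % (host, status))
```

The check is deliberately conservative: it flags anything below 17.4, because that is the only release this advisory names as resolving the v10.x CVEs. Treat "unknown" results as work items, since a host whose backend cannot be queried is exactly the one most likely to have been missed by routine scanning.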
Details
- CWE(s)