Cyber Posture

CVE-2025-10589

HighRCE

Published: 17 September 2025

Published
17 September 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0028 51.7th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-10589 is a high-severity OS Command Injection (CWE-78) vulnerability in Org (inferred from references). Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Unix Shell (T1059.004); ranked in the top 48.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Unix Shell (T1059.004) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match
prevent

Directly prevents OS command injection by implementing input validation mechanisms to sanitize untrusted inputs before processing.

SI-2 Flaw Remediation good match
prevent

Remediates the specific OS command injection flaw through timely patching and correction as per vendor advisories.

AC-6 Least Privilege partial match
prevent

Limits the impact of successful command injection by enforcing least privilege on the affected server processes.

MITRE ATT&CK Enterprise TechniquesAI

T1059.004 Unix Shell Execution
Adversaries may abuse Unix shell commands and scripts for execution.
attack.mitre.org →
T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
attack.mitre.org →
Why these techniques?

OS command injection directly enables arbitrary Unix shell command execution (T1059.004) by authenticated low-privileged users; high impact on C/I/A indicates resulting privilege escalation (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.

Deeper analysisAI

CVE-2025-10589 is an OS command injection vulnerability (CWE-78) affecting the N-Reporter, N-Cloud, and N-Probe products developed by N-Partner. The flaw enables authenticated remote attackers to inject and execute arbitrary operating system commands on the affected server. It has a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its network accessibility, low attack complexity, and significant impacts on confidentiality, integrity, and availability.

An authenticated attacker with low privileges can exploit this vulnerability remotely over the network without user interaction. Successful exploitation allows full execution of arbitrary OS commands on the server, potentially leading to complete system compromise, data exfiltration, modification of critical files, or denial of service.

Mitigation details are available in advisories from TWCERT/CC, including English and Traditional Chinese versions at https://www.twcert.org.tw/en/cp-139-10387-b8a4e-2.html and https://www.twcert.org.tw/tw/cp-132-10386-231ae-1.html. Security practitioners should consult these for vendor-recommended patches or workarounds.

Details

CWE(s)
CWE-78

Affected Products

Org
inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2026-5208Shared CWE-78
CVE-2026-22277Shared CWE-78
CVE-2026-34955Shared CWE-78
CVE-2025-56108Shared CWE-78
CVE-2025-23383Shared CWE-78
CVE-2026-22229Shared CWE-78
CVE-2025-24378Shared CWE-78
CVE-2026-33641Shared CWE-78
CVE-2025-27394Shared CWE-78
CVE-2025-24386Shared CWE-78

References