Cyber Posture

CVE-2025-15552

High

Published: 16 March 2026
Modified: 20 April 2026
KEV Added: not listed
Patch: upgrade to LAPSWebUI 2.4 or later
CVSS Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0001 (3.4th percentile)
Risk Priority: 16 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-15552 is a high-severity Insufficient Session Expiration (CWE-613) vulnerability in Truesec Lapswebui. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Unsecured Credentials (T1552). The CVE is ranked at the 3.4th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-12 (Session Termination) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Unsecured Credentials (T1552) and 2 other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

AC-12 Session Termination
prevent

Directly addresses insufficient session expiration by enforcing automatic termination of user sessions after defined inactivity periods, preventing unauthorized access to persistent LAPSWebUI sessions.

SI-2 Flaw Remediation
prevent

Requires timely remediation of the specific flaw in LAPSWebUI prior to version 2.4 via upgrade, eliminating the vulnerability at its source.

AC-11 Device Lock partial match
prevent

Initiates device lock after inactivity on the workstation, blocking local attackers from accessing and exploiting non-expired sessions in the web UI.

MITRE ATT&CK Enterprise Techniques

T1552 Unsecured Credentials Credential Access
Adversaries may search compromised systems to find and obtain insecurely stored credentials.
T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1078.003 Local Accounts Stealth
Adversaries may obtain and abuse credentials of a local account as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion.
Why these techniques?

Insufficient session expiration directly exposes LAPS credentials (T1552), enabling a local low-privilege attacker to obtain the local admin password and escalate privileges (T1068, T1078.003).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password.

Deeper analysis

CVE-2025-15552 is an Insufficient Session Expiration vulnerability (CWE-613) in Truesec’s LAPSWebUI prior to version 2.4. Published on 2026-03-16T14:17:56.130, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The flaw stems from sessions that do not expire properly, enabling unauthorized access to sensitive credentials within the LAPS (Local Administrator Password Solution) web interface.

A local attacker with access to an affected workstation and low privileges can exploit this vulnerability with low attack complexity and no user interaction. Exploitation allows disclosure of the local administrator password, resulting in privilege escalation and high impacts on confidentiality, integrity, and availability.

The advisory at https://labs.reversec.com/advisories/2026/03/long-session-lifetime-in-truesec-lapswebui provides details on the issue, with mitigation achieved by upgrading to LAPSWebUI version 2.4 or later.

Details

CWE(s)

CWE-613 Insufficient Session Expiration

Affected Products

truesec
lapswebui
≤ 2.4

CVEs Like This One

CVE-2025-15553 (same product: Truesec Lapswebui)
CVE-2025-15554 (same product: Truesec Lapswebui)
CVE-2026-24669 (shared CWE-613)
CVE-2026-41133 (shared CWE-613)
CVE-2024-33507 (shared CWE-613)
CVE-2025-59786 (shared CWE-613)
CVE-2026-24912 (shared CWE-613)
CVE-2026-41902 (shared CWE-613)
CVE-2025-24973 (shared CWE-613)
CVE-2026-33417 (shared CWE-613)

References