Cyber Resilience

CVE-2025-2113

Medium · Public PoC

Published: 09 March 2025
Modified: 27 June 2025
KEV Added: (not listed)
Patch: (not listed)
CVSS Score v4: 6.9 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0006 (20.0th percentile)
Risk Priority: 14 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-2113 is a medium-severity Injection (CWE-74) vulnerability in Atgroup Atsvd. Its CVSS base score is 6.9 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks the CVE at the 20.0th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2025-2113 is a SQL injection vulnerability affecting AT Software Solutions ATSVD versions up to 3.4.1. The issue resides in an unknown functionality of the "Esqueceu a senha" component, where manipulation of the "txtCPF" argument enables SQL injection. Rated with a CVSS v3.1 base score of 7.3 (High; AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) and associated with CWEs 74 and 89, it was published on 2025-03-09.

Remote attackers require no privileges or user interaction to exploit this vulnerability over the network with low complexity. Successful exploitation allows limited impacts on confidentiality, integrity, and availability, potentially enabling unauthorized data access, modification, or disruption through injected SQL payloads.

Advisories recommend upgrading to ATSVD version 3.4.2 to address the issue. The exploit has been publicly disclosed, as evidenced by references including a GitHub repository and VulDB entries detailing the vulnerability.

Vulnerability details

A vulnerability was found in AT Software Solutions ATSVD up to 3.4.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Esqueceu a senha. The manipulation of the argument txtCPF leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.4.2 is able to address this issue. It is recommended to upgrade the affected component.

CWE(s): CWE-74 (Injection), CWE-89 (SQL Injection)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

SQL injection in a network-accessible web application component (the forgot-password form), with no authentication required, directly enables T1190 Exploit Public-Facing Application for initial access, data access, and modification.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

- CVE-2026-3150 (shared CWE-74, CWE-89)
- CVE-2026-3746 (shared CWE-74, CWE-89)
- CVE-2025-2683 (shared CWE-74, CWE-89)
- CVE-2026-5238 (shared CWE-74, CWE-89)
- CVE-2026-4288 (shared CWE-74, CWE-89)
- CVE-2026-2220 (shared CWE-74, CWE-89)
- CVE-2025-1535 (shared CWE-74, CWE-89)
- CVE-2026-0597 (shared CWE-74, CWE-89)
- CVE-2026-1688 (shared CWE-74, CWE-89)
- CVE-2026-5018 (shared CWE-74, CWE-89)

Affected Assets

atgroup / atsvd, versions ≤ 3.4.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) (AI)

- SI-10 Information Input Validation (prevent): Directly prevents SQL injection by validating and sanitizing the txtCPF input in the 'Esqueceu a senha' component.
- Patching (prevent): Ensures timely patching to ATSVD version 3.4.2, which remediates the specific SQL injection vulnerability.
- RA-5 Vulnerability Monitoring and Scanning (prevent, detect): Vulnerability scanning identifies the SQL injection flaw in ATSVD up to 3.4.1 and triggers remediation.
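As an added illustration of the SI-10 control above (example code written for this page, not ATSVD's own; the users table, its columns and the sample CPFs are constructed), the concatenation pattern that exposes a forgot-password lookup to SQL injection is shown beside a version that validates txtCPF as a real CPF and binds it as a query parameter:

```python
import re
import sqlite3

# Constructed sample rows standing in for the application's user store.
SAMPLE_USERS = [
    ("12345678909", "ana@example.invalid"),
    ("11144477735", "bruno@example.invalid"),
]


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (cpf TEXT PRIMARY KEY, email TEXT NOT NULL)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def cpf_is_valid(cpf: str) -> bool:
    """True only for 11 digits whose two CPF check digits (mod-11) are correct."""
    if not re.fullmatch(r"\d{11}", cpf) or cpf == cpf[0] * 11:
        return False
    for length in (9, 10):  # first check digit uses 9 digits, second uses 10
        weights = range(length + 1, 1, -1)
        total = sum(int(d) * w for d, w in zip(cpf[:length], weights))
        rem = total % 11
        expected = 0 if rem < 2 else 11 - rem
        if expected != int(cpf[length]):
            return False
    return True


def normalize_cpf(raw: str) -> str:
    # Accept the usual "000.000.000-00" formatting, then validate strictly;
    # anything that is not a well-formed CPF never reaches the database.
    cpf = raw.strip().replace(".", "").replace("-", "")
    if not cpf_is_valid(cpf):
        raise ValueError("txtCPF is not a well-formed CPF")
    return cpf


def lookup_email_unsafe(conn, txt_cpf: str):
    # Vulnerable pattern: untrusted txtCPF is spliced into the SQL text, so a
    # quote in the input changes the query's structure instead of its value.
    return conn.execute(f"SELECT email FROM users WHERE cpf = '{txt_cpf}'").fetchall()


def lookup_email_safe(conn, txt_cpf: str):
    # Hardened pattern: validate first, then bind the value as a parameter.
    cpf = normalize_cpf(txt_cpf)
    return conn.execute("SELECT email FROM users WHERE cpf = ?", (cpf,)).fetchall()
```

With the unsafe lookup a stray quote in txtCPF is parsed as SQL (here it surfaces as a syntax error, the sign that the input controls the statement); the safe lookup rejects it before any query is built.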

References