CVE-2025-2320
Published: 14 March 2025
Summary
CVE-2025-2320 is a high-severity Incorrect Privilege Assignment (CWE-266) vulnerability in 274056675 Springboot-Openai-Chatgpt. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The vulnerability ranks at the 31.4th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
This vulnerability is AI-related: it is categorised under Enterprise AI Assistants, in the Other ATLAS/OWASP Terms risk domain.
The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Requires systems to enforce approved authorizations for access to resources, directly addressing the improper authorization flaw in the User Handler submit function.
Restricts specific actions like the vulnerable submit function from being performed without identification or authentication, preventing remote unauthorized manipulation.
Limits the privileges of processes handling API requests to minimize the impact of authorization bypasses in the springboot-openai-chatgpt application.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Improper authorization in user submit API allows logged-in users to create super administrator accounts without checks, enabling exploitation for privilege escalation (T1068), unauthorized account creation (T1136/T1136.001), and subsequent use of valid local accounts (T1078/T1078.003).
NVD Description
A vulnerability has been found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this vulnerability is the function submit of the file /api/blade-user/submit of the component User Handler. The manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continuous delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.
Deeper analysis
CVE-2025-2320 is a critical improper authorization vulnerability (CWE-266, CWE-285) affecting the submit function in the /api/blade-user/submit file of the User Handler component within the springboot-openai-chatgpt application at commit e84f6f5, developed by 274056675. The issue allows manipulation leading to improper authorization and has a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).
Remote attackers require no privileges or user interaction and face low attack complexity to exploit the vulnerability. Successful exploitation can result in low-level impacts to confidentiality, integrity, and availability.
VulDB advisories note that the exploit has been publicly disclosed and may be used. The product employs rolling releases for continuous delivery, so details on affected and updated versions are unavailable. The vendor was contacted early regarding the disclosure but provided no response.
AI Security Analysis
- AI Category: Enterprise AI Assistants
- Risk Domain: Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: The affected software is 'springboot-openai-chatgpt', a Spring Boot application integrating OpenAI ChatGPT for chat functionality, with user management APIs, fitting the profile of an enterprise AI assistant.