Cyber Resilience

CVE-2025-25709

High

Published: 12 March 2025

Published
12 March 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0006 19.6th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-25709 is a high-severity an unspecified weakness vulnerability. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 19.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Deeper analysis

CVE-2025-25709, published on 2025-03-12, is a privilege escalation vulnerability in dtp.ae tNexus Airport View version 2.8. The issue resides in the addUser and updateUser endpoints, where a remote attacker can exploit flawed access controls to elevate their privileges. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high severity due to network accessibility, low attack complexity, and significant confidentiality impact without affecting integrity or availability.

A remote attacker requires no prior privileges, authentication, or user interaction to exploit the vulnerability over the network. By targeting the addUser or updateUser endpoints, the attacker can escalate to higher privilege levels, potentially gaining unauthorized access to sensitive data and achieving high confidentiality impact as reflected in the CVSS metrics.

Mitigation details and further technical analysis are available in the referenced vulnerability research repository at https://github.com/z5jt/vulnerability-research/tree/main/CVE-2025-25709.

EU & UK References

Vulnerability details

An issue in dtp.ae tNexus Airport View v.2.8 allows a remote attacker to escalate privileges via the addUser and updateUser endpoints

CWE(s)
None listed

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The CVE describes an unauthenticated remote privilege escalation vulnerability in a public-facing web application due to flawed access controls on addUser/updateUser endpoints, directly enabling T1190 for initial access via public app exploitation and T1068 for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly enforces approved authorizations on endpoints like addUser and updateUser to prevent unauthorized privilege escalation due to flawed access controls.

prevent

Implements least privilege to restrict user and process access, mitigating the ability to escalate privileges via the vulnerable endpoints.

prevent

Manages account creation and updates to ensure proper authorization checks before privilege changes on addUser and updateUser endpoints.

References