Cyber Resilience

CVE-2025-27893

Low · Public PoC

Published: 11 March 2025

Modified: 08 August 2025
CVSS Score v3.1: 1.8 (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N)
EPSS Score: 0.0012 (30.8th percentile)
Risk Priority: 4 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-27893 is a low-severity External Control of Assumed-Immutable Web Parameter (CWE-472) vulnerability in Archerirm Archer. Its CVSS base score is 1.8 (Low).

Operationally, exploitation aligns with the MITRE ATT&CK technique Stored Data Manipulation (T1565.001). The CVE ranks at the 30.8th percentile by exploit likelihood (EPSS), which is below the median. It is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Vulnerability details

In Archer Platform 6 through 6.14.00202.10024, an authenticated user with record creation privileges can manipulate immutable fields, such as the creation date, by intercepting and modifying a Copy request via a GenericContent/Record.aspx?id= URI. NOTE: the Supplier analyzed the reported exploitation steps and found that, although the user can modify the immutable field, upon switching to View mode the field is reverted to its original value, without anything being saved to the database (and consequently there is no impact).

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1565.001 Stored Data Manipulation (Tactic: Impact)
Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.
Why these techniques?

The vulnerability enables authenticated users to manipulate assumed-immutable web parameters (e.g., record creation dates) during copy operations, facilitating stored data manipulation to compromise data integrity, auditing, and compliance.

Affected Assets

Vendor: archerirm
Product: archer
Affected versions: 6.0.0.0 to 6.14.00202.10024

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.