Cyber Resilience

CVE-2025-34140

HighPublic PoC

Published: 22 July 2025

Published
22 July 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0109 78.4th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-34140 is a high-severity Authorization Bypass Through User-Controlled Key (CWE-639) vulnerability in Etq (inferred from references). Its CVSS base score is 8.7 (High).

Operationally, ranked in the top 21.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

An authorization bypass vulnerability exists in ETQ Reliance on the legacy CG and NXG SaaS platforms. The flaw stems from a misconfiguration in API authorization logic that allows an unauthenticated attacker to retrieve limited sensitive resources by appending a specific URI suffix to certain endpoints. The issue is tracked as CWE-639 and carries a CVSS 4.0 score of 8.7 reflecting network-accessible exploitation with high confidentiality impact and no required authentication or user interaction.

An unauthenticated remote attacker can exploit the weakness to bypass access-control checks on affected API endpoints and obtain restricted data that would otherwise be protected. Because the attack requires no credentials or special positioning, it can be carried out from anywhere on the network against exposed instances of the legacy platforms.

Vendor guidance states that the authorization logic has been corrected in SE.2025.1 and 2025.1.2. ETQ has published an advisory at etq.com along with a product overview, and additional technical detail is available from VulnCheck.

EPSS remains low and unchanged at a peak of 0.0109, indicating no material increase in observed exploitation interest since disclosure.

EU & UK References

Vulnerability details

An authorization bypass vulnerability exists in ETQ Reliance (legacy CG and NXG SaaS platforms). By appending a specific URI suffix to certain API endpoints, an unauthenticated attacker can bypass access control checks and retrieve limited sensitive resources. The root cause…

more

was a misconfiguration in API authorization logic, which has since been corrected in SE.2025.1 and 2025.1.2.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Etq
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-639

Per-request decision making makes it harder to bypass authorization using user-controlled keys without proper validation in the decision process.

addresses: CWE-639

Consistent enforcement of approved authorizations makes bypassing via user-controlled keys ineffective.

References