Cyber Resilience

CVE-2025-34143

CriticalPublic PoCRCE

Published: 22 July 2025

Published
22 July 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0250 85.7th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-34143 is a critical-severity OS Command Injection (CWE-78) vulnerability in Etq (inferred from references). Its CVSS base score is 9.3 (Critical).

Operationally, ranked in the top 14.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

An authentication bypass vulnerability affects ETQ Reliance on the legacy CG platform. The flaw permits login as the privileged internal SYSTEM account through manipulation of the username field on the login page. Because the SYSTEM account requires no password, the issue stems from insufficient validation that allowed internal accounts to participate in public authentication flows. The vulnerability carries a CVSS 4.0 score of 9.3 and is associated with CWE-78, CWE-269, and CWE-288.

Attackers with network access to the login page can exploit the bypass to obtain elevated privileges without credentials. Once authenticated as SYSTEM, they can achieve remote code execution by editing Jython scripts within the application. The attack requires no user interaction and can be performed remotely over the network.

Vendor guidance and public advisories indicate the issue was addressed in version MP-4583 by adding stricter validation logic that excludes internal accounts from public authentication workflows. ETQ published a security update notice and Assetnote and VulnCheck both reference the same remediation and the underlying root cause involving trailing-space username handling.

The EPSS score rose from a low baseline to a peak of 0.0626 on 2025-12-11 before receding to the current value of 0.0250, indicating that exploitation interest increased several months after disclosure.

EU & UK References

Vulnerability details

An authentication bypass vulnerability exists in ETQ Reliance on the CG (legacy) platform. The application allowed login as the privileged internal SYSTEM user by manipulating the username field. The SYSTEM account does not require a password, enabling attackers with network…

more

access to the login page to obtain elevated access. Once authenticated, an attacker could achieve remote code execution by modifying Jython scripts within the application. This issue was resolved by introducing stricter validation logic to exclude internal accounts from public authentication workflows in version MP-4583.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Etq
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-78 CWE-269

Platform-independent apps typically execute inside a managed runtime or sandbox that restricts direct OS command execution, reducing the ability to exploit OS command injection.

addresses: CWE-269

Policy addresses roles, responsibilities, and privilege management to prevent improper privilege assignments.

addresses: CWE-269

Access supervision ensures privileges are assigned and managed without improper escalation or retention.

addresses: CWE-288

Authorizing remote access reduces the ability to bypass authentication via unauthorized alternate remote channels.

addresses: CWE-269

Assigning group/role memberships and access authorizations (privileges) while reviewing accounts addresses improper privilege management.

addresses: CWE-269

Enforces proper privilege management by requiring all decisions through the verified reference monitor.

addresses: CWE-269

By mandating division of duties across roles, the control enforces proper privilege management and prevents a single entity from controlling an entire sensitive process.

addresses: CWE-269

Implements core proper privilege management by restricting to only required rights.

References