CVE-2025-34143
Published: 22 July 2025
Summary
CVE-2025-34143 is a critical-severity OS Command Injection (CWE-78) vulnerability in Etq (inferred from references). Its CVSS base score is 9.3 (Critical).
Operationally, ranked in the top 14.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
An authentication bypass vulnerability affects ETQ Reliance on the legacy CG platform. The flaw permits login as the privileged internal SYSTEM account through manipulation of the username field on the login page. Because the SYSTEM account requires no password, the issue stems from insufficient validation that allowed internal accounts to participate in public authentication flows. The vulnerability carries a CVSS 4.0 score of 9.3 and is associated with CWE-78, CWE-269, and CWE-288.
Attackers with network access to the login page can exploit the bypass to obtain elevated privileges without credentials. Once authenticated as SYSTEM, they can achieve remote code execution by editing Jython scripts within the application. The attack requires no user interaction and can be performed remotely over the network.
Vendor guidance and public advisories indicate the issue was addressed in version MP-4583 by adding stricter validation logic that excludes internal accounts from public authentication workflows. ETQ published a security update notice and Assetnote and VulnCheck both reference the same remediation and the underlying root cause involving trailing-space username handling.
The EPSS score rose from a low baseline to a peak of 0.0626 on 2025-12-11 before receding to the current value of 0.0250, indicating that exploitation interest increased several months after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-22321
Vulnerability details
An authentication bypass vulnerability exists in ETQ Reliance on the CG (legacy) platform. The application allowed login as the privileged internal SYSTEM user by manipulating the username field. The SYSTEM account does not require a password, enabling attackers with network…
more
access to the login page to obtain elevated access. Once authenticated, an attacker could achieve remote code execution by modifying Jython scripts within the application. This issue was resolved by introducing stricter validation logic to exclude internal accounts from public authentication workflows in version MP-4583.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Platform-independent apps typically execute inside a managed runtime or sandbox that restricts direct OS command execution, reducing the ability to exploit OS command injection.
Policy addresses roles, responsibilities, and privilege management to prevent improper privilege assignments.
Access supervision ensures privileges are assigned and managed without improper escalation or retention.
Authorizing remote access reduces the ability to bypass authentication via unauthorized alternate remote channels.
Assigning group/role memberships and access authorizations (privileges) while reviewing accounts addresses improper privilege management.
Enforces proper privilege management by requiring all decisions through the verified reference monitor.
By mandating division of duties across roles, the control enforces proper privilege management and prevents a single entity from controlling an entire sensitive process.
Implements core proper privilege management by restricting to only required rights.