Cyber Resilience

CVE-2025-34320

CriticalPublic PoC

Published: 20 November 2025

Published
20 November 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0052 67.4th percentile
Risk Priority 19 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-34320 is a critical-severity Path Traversal (CWE-22) vulnerability. Its CVSS base score is 9.3 (Critical).

Operationally, ranked in the top 32.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

BASIS BBj versions prior to 25.00 contain a Jetty-served web endpoint that fails to properly validate or canonicalize input path segments. This path traversal flaw, tracked as CWE-22, permits unauthenticated attackers to read arbitrary files accessible to the service account, including configuration artifacts that store credentials for BBj Enterprise Manager.

An attacker can supply directory traversal sequences to retrieve those credentials, obtain administrative access through the management interface, and execute system commands under the service account. Depending on the operating system and the privileges of the BBj service account, the same access may also expose additional sensitive files such as operating system or application data.

The vendor addressed the issue in BBj 25.00, as noted in the official release announcement. A detailed advisory from VulnCheck further describes the unauthenticated arbitrary file read and resulting remote code execution path.

EPSS for this CVE rose from a low starting value to a peak of 0.0103, indicating that exploitation interest increased after disclosure.

EU & UK References

Vulnerability details

BASIS BBj versions prior to 25.00 contain a Jetty-served web endpoint that fails to properly validate or canonicalize input path segments. This allows unauthenticated directory traversal sequences to cause the server to read arbitrary system files accessible to the account…

more

running the service. Retrieved configuration artifacts may contain account credentials used for BBj Enterprise Manager; possession of these credentials enables administrative access and use of legitimate management functionality that can result in execution of system commands under the service account. Depending on the operating system and the privileges of the BBj service account, this issue may also allow access to other sensitive files on the host, including operating system or application data, potentially exposing additional confidential information.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

BASIS BBj
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-22

Validates pathnames and filenames to prevent traversal outside intended directories.

References