CVE-2025-3578
Published: 15 April 2025
Summary
CVE-2025-3578 is a critical-severity Inadequate Detection or Handling of Adversarial Input Perturbations in Automated Recognition Mechanism (CWE-1039) vulnerability in Incibe (inferred from references). Its CVSS base score is 9.3 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique System Information Discovery (T1082); ranked at the 48.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as LLM Application Platforms; in the LLM/Generative AI Risks risk domain.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-10934
- 🇪🇸 INCIBE: www.incibe.es
Vulnerability details
A malicious, authenticated user in Aidex, versions prior to 1.7, could list credentials of other users, create or modify existing users in the application, list credentials of users in production or development environments. In addition, it would be possible to…
more
cause bugs that would result in the exfiltration of sensitive information, such as details about the software or internal system paths. These actions could be carried out through the misuse of LLM Prompt (chatbot) technology, via the /api/<string-chat>/message endpoint, by manipulating the contents of the ‘content’ parameter.
- CWE(s)
AI Security AnalysisAI
- AI Category
- LLM Application Platforms
- Risk Domain
- LLM/Generative AI Risks
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: llm
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability allows authenticated users to list other users' credentials (T1552), create or modify application users (T1098, T1136), and exfiltrate system software details and internal paths (T1082, T1083) via LLM prompt manipulation in the chatbot API.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.