CVE-2025-41403
Published: 22 May 2025
Summary
CVE-2025-41403 is a high-severity SQL Injection (CWE-89) vulnerability in Zohocorp ManageEngine ADAudit Plus. Its CVSS base score is 8.3 (High).
Operationally, it ranks in the top 9.8% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog.
Deeper analysis
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are affected by an authenticated SQL injection vulnerability, identified as CVE-2025-41403 and classified as CWE-89. The flaw manifests when the product fetches service account audit data. It received a CVSS 3.1 base score of 8.3, reflecting a network attack vector, low attack complexity, and a low-privilege (authenticated) access requirement.
An authenticated attacker with low privileges can send crafted requests over the network to trigger the injection, which may result in high-impact disclosure or modification of data, along with a limited availability impact.
The vendor advisory published at https://www.manageengine.com/products/active-directory-audit/cve-2025-41403.html addresses the issue and provides mitigation guidance for affected installations.
EPSS remains flat at 0.0525 with no material change observed after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-16109
Vulnerability details
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection while fetching service account audit data.
- CWE(s): CWE-89 (SQL Injection)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.