CVE-2025-53118
Published: 25 August 2025
Summary
CVE-2025-53118 is a critical-severity Missing Authentication for Critical Function (CWE-306) vulnerability in Securden Unified PAM. Its CVSS 3.1 base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 2.9% of CVEs by exploit likelihood (EPSS) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-2 (Identification and Authentication (Organizational Users)).
Deeper analysis
An authentication bypass vulnerability, tracked as CVE-2025-53118 and assigned CWE-306, affects Securden Unified PAM. The flaw permits an unauthenticated attacker to seize control of administrator backup functions, exposing stored passwords, secrets, and application session tokens. It carries a CVSS 3.1 base score of 9.8 reflecting network attack vector, low complexity, and no required privileges or user interaction.
Because the backup functions are reachable without any credentials, a remote attacker can trigger and manipulate backup operations over the network and obtain the credential material the product holds. No authentication or user interaction is required, so a single request path yields administrator-level secrets and session tokens directly.
The referenced Rapid7 advisory details multiple critical vulnerabilities in Securden Unified PAM that were addressed through vendor patches. Organizations are advised to apply the available fixes promptly to restore proper authentication controls around backup functionality. Because exploitation exposes stored secrets and session tokens, patching alone does not undo a prior compromise: where unauthenticated access to backup functions is suspected, rotate the affected credentials and invalidate active sessions as well. The associated EPSS score has remained in the moderate range, with a current value of 0.3491 and a peak of 0.3715.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-25753
Vulnerability details
An authentication bypass vulnerability exists which allows an unauthenticated attacker to control administrator backup functions, leading to compromise of passwords, secrets, and application session tokens stored by the Unified PAM.
- CWE-306: Missing Authentication for Critical Function
Related Threats
MITRE ATT&CK Enterprise Techniques
- T1190 Exploit Public-Facing Application
- T1552 Unsecured Credentials
Why these techniques?
The authentication bypass on a network-exposed PAM is reached directly through T1190; the backups and application session tokens it exposes then serve as a credential source for T1552.
Affected Assets
- Securden Unified PAM (fixed versions are listed in the vendor and Rapid7 advisories)
Mitigating Controls (NIST 800-53 r5)
- Flaw remediation (patching): directly mitigates CVE-2025-53118 by requiring timely identification, reporting, and correction of the authentication bypass through the vendor fix.
- IA-2 (Identification and Authentication, Organizational Users): requires robust identification and authentication for organizational users, preventing unauthenticated access to administrator backup functions in the PAM system.
- AC-3 (Access Enforcement): enforces approved authorizations for access to sensitive backup controls, so an authenticated but non-administrative identity is also refused.
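The following is an added illustration, not Securden's code and not taken from the Rapid7 advisory, of the CWE-306 pattern described in the deeper analysis above beside the IA-2/AC-3 enforcement the mitigating controls call for. The route name `/admin/backup`, the HMAC-keyed session store, the `admin`/`auditor` roles and the vault contents are all assumptions made for the example; the point it demonstrates is that the vulnerable handler hands the vault to any client that reaches the path, while the hardened one first establishes identity (IA-2) and then checks authorization (AC-3).

```python
"""CWE-306 on a backup function: a vulnerable handler beside a hardened one.

Illustrative code only; the route, session design, roles and vault contents
are constructed for this example and do not describe Securden Unified PAM.
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional

# Constructed secret material standing in for what a PAM backup would contain.
VAULT = {"db_admin": "P@ssw0rd-example", "api_token": "tok_example_123"}


@dataclass
class Request:
    path: str
    session_token: Optional[str] = None   # None models an unauthenticated client


@dataclass
class Response:
    status: int
    body: dict = field(default_factory=dict)


# --- Vulnerable pattern (CWE-306): the handler trusts reachability alone ----------
def backup_vulnerable(req: Request) -> Response:
    """No identification and no authorization: anyone who reaches the path gets the vault."""
    if req.path != "/admin/backup":
        return Response(404)
    return Response(200, {"backup": dict(VAULT)})


# --- Hardened pattern: IA-2 (who are you?) followed by AC-3 (are you allowed?) -----
class SessionStore:
    """Server-side sessions keyed by an HMAC of the bearer token (hypothetical design)."""

    def __init__(self, server_key: bytes):
        self._key = server_key
        self._sessions: Dict[str, str] = {}   # token digest -> role

    def _digest(self, token: str) -> str:
        return hmac.new(self._key, token.encode(), hashlib.sha256).hexdigest()

    def issue(self, role: str) -> str:
        token = secrets.token_urlsafe(32)
        self._sessions[self._digest(token)] = role
        return token

    def role_for(self, token: Optional[str]) -> Optional[str]:
        if not token:
            return None
        wanted = self._digest(token)
        # Constant-time digest comparison so a lookup miss leaks no timing signal.
        for stored, role in self._sessions.items():
            if hmac.compare_digest(stored, wanted):
                return role
        return None


def backup_hardened(req: Request, sessions: SessionStore) -> Response:
    if req.path != "/admin/backup":
        return Response(404)
    role = sessions.role_for(req.session_token)   # IA-2: establish identity first
    if role is None:
        return Response(401, {"error": "authentication required"})
    if role != "admin":                           # AC-3: enforce the authorization
        return Response(403, {"error": "admin role required"})
    return Response(200, {"backup": dict(VAULT)})


def demo() -> Dict[str, Dict[str, int]]:
    """Send the same four callers to both handlers and return the status codes."""
    sessions = SessionStore(secrets.token_bytes(32))
    callers = {
        "anonymous": Request("/admin/backup"),
        "forged": Request("/admin/backup", "not-a-real-token"),
        "auditor": Request("/admin/backup", sessions.issue("auditor")),
        "admin": Request("/admin/backup", sessions.issue("admin")),
    }
    return {
        "vulnerable": {name: backup_vulnerable(r).status for name, r in callers.items()},
        "hardened": {name: backup_hardened(r, sessions).status for name, r in callers.items()},
    }


if __name__ == "__main__":
    for handler, results in demo().items():
        print(handler, results)
```

Running the block shows every caller, including the anonymous one, receiving 200 and the full vault from the vulnerable handler, while the hardened handler returns 401 for the anonymous and forged callers, 403 for the authenticated non-admin, and 200 only for the admin session.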