Cyber Resilience

CVE-2025-54347

Critical

Published: 24 November 2025
Modified: 05 December 2025
KEV Added: not listed
Patch: see vendor advisory (below)
CVSS Score (v3.1): 9.9, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score: 0.0030 (53.6th percentile)
Risk Priority: 20 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-54347 is a critical-severity Path Traversal (CWE-22) vulnerability in Desktopalert Pingalert Application Server. Its CVSS base score is 9.9 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 46.4% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-54347 is a Directory Traversal vulnerability (CWE-22) in the Application Server component of Desktop Alert PingAlert software, affecting versions 6.1.0.11 through 6.1.1.2. The flaw allows an attacker to write arbitrary files under certain conditions, earning a CVSS v3.1 base score of 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H), indicating critical severity due to its network accessibility, low attack complexity, and high impacts across confidentiality, integrity, and availability.

An attacker with low privileges (PR:L), such as an authenticated user, can exploit this vulnerability remotely over the network without user interaction. Successful exploitation enables writing arbitrary files, potentially leading to remote code execution, data tampering, or system compromise given the changed scope (S:C) and high impact ratings.

Mitigation details are available in the vendor advisory at https://desktopalert.net/cve-2025-54347/. Security practitioners should review it for patching instructions and workarounds specific to affected PingAlert deployments.


Vulnerability details

A Directory Traversal vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to write arbitrary files under certain conditions.


Related Threats

MITRE ATT&CK Enterprise Techniques (AI-generated mapping)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Directory traversal vulnerability in a network-accessible application server (AV:N) directly enables exploitation of a public-facing application for arbitrary file writes, potentially leading to RCE and system compromise.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-64075 (shared CWE-22)
CVE-2024-53537 (shared CWE-22)
CVE-2024-36512 (shared CWE-22)
CVE-2025-0493 (shared CWE-22)
CVE-2025-70231 (shared CWE-22)
CVE-2026-43888 (shared CWE-22)
CVE-2025-15031 (shared CWE-22)
CVE-2026-25785 (shared CWE-22)
CVE-2025-11366 (shared CWE-22)
CVE-2026-1810 (shared CWE-22)

Affected Assets

Vendor: desktopalert
Product: pingalert application server
Versions: 6.1.0.11 to 6.1.1.6

Mitigating Controls (NIST 800-53 r5, AI-generated mapping)

Prevent: SI-10 (Information Input Validation). Directly prevents directory traversal attacks by validating file path inputs to reject traversal sequences like '../'.

Prevent: SI-2 (Flaw Remediation). Mitigates this specific CVE by requiring timely patching of the directory traversal flaw in PingAlert Application Server.

Prevent: Limits damage from low-privilege exploitation by ensuring the application server runs with minimal privileges, restricting arbitrary file writes.
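As an added example (not code from PingAlert or the vendor), this is the kind of containment check SI-10 calls for on a file-write endpoint: the user-supplied name is resolved against the upload directory and the write is refused whenever the real destination lands outside it. The directory layout and file names are constructed for the demo, and it assumes a POSIX host with symlink support.

```python
import tempfile
from pathlib import Path
from typing import Dict, Optional


def resolve_within(base_dir: str, user_path: str) -> Optional[Path]:
    """Resolve user_path against base_dir; return the real path only if it lies inside.

    Returns None for '..' escapes, absolute paths, symlinks pointing outside,
    embedded NUL bytes, and sibling dirs that merely share base_dir as a prefix.
    """
    if not user_path or "\x00" in user_path:
        return None
    base = Path(base_dir).resolve()
    # Path joining discards base when user_path is absolute; resolve() collapses
    # '.' and '..' and follows symlinks, so the check below sees the real target.
    target = (base / user_path).resolve()
    # Check the parent chain, not str.startswith(): '/srv/uploads_evil' is not inside '/srv/uploads'.
    if base not in target.parents:
        return None
    return target


def write_file(base_dir: str, user_path: str, data: bytes) -> bool:
    """Write data only when the destination resolves inside base_dir."""
    target = resolve_within(base_dir, user_path)
    if target is None:
        return False
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_bytes(data)
    return True


def demo() -> Dict[str, bool]:
    """Constructed sandbox: an uploads dir, a sibling 'uploads_evil' dir and a symlink escape."""
    root = Path(tempfile.mkdtemp())
    uploads = root / "uploads"
    uploads.mkdir()
    (root / "uploads_evil").mkdir()
    (uploads / "link").symlink_to(root / "uploads_evil")  # pre-existing symlink out of the tree
    cases = {
        "report.txt": "plain name",
        "sub/report.txt": "nested",
        "../uploads_evil/x.txt": "dot-dot escape",
        str(root / "outside.txt"): "absolute",
        "link/x.txt": "symlink escape",
        "a\x00.txt": "NUL byte",
    }
    return {label: write_file(str(uploads), path, b"ok") for path, label in cases.items()}
```

Only the two in-tree names are written; the dot-dot, absolute, symlink and NUL cases are all refused before any filesystem access.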
