CVE-2025-57141
Published: 08 September 2025
Summary
CVE-2025-57141 is a critical-severity Code Injection (CWE-94) vulnerability in Ruisitech Ruisibi. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 17.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).
Deeper analysis
rsbi-os version 4.7 is affected by a remote code execution vulnerability in its sqlite-jdbc component. The issue is tracked as CVE-2025-57141, carries a CVSS v3.1 score of 9.8, and is associated with CWE-94 for improper control of code generation.
The vulnerability can be exploited by unauthenticated attackers over the network with low attack complexity and no user interaction required. Successful exploitation grants complete control over confidentiality, integrity, and availability on the affected system.
Public references consist of a GitHub issue report and the rsbi-os project repository; neither source describes available patches or specific mitigation steps. The associated EPSS score remains flat at 0.0169 with no observed increase after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-27138
Vulnerability details
rsbi-os 4.7 is vulnerable to Remote Code Execution (RCE) in sqlite-jdbc.
- CWE(s): CWE-94 (Code Injection)
Related Threats
MITRE ATT&CK Enterprise Techniques
- Exploit Public-Facing Application (T1190)
Why these techniques?
A vulnerability in the rsbi-os web application allows unauthenticated remote code execution via JDBC deserialization gadget chains (e.g., CommonsCollections6) when a crafted datasource connection is tested against a malicious MySQL server; because the datasource test is reachable in the web application, this is exploitation of a public-facing application (T1190).
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): Directly remediates the RCE vulnerability in sqlite-jdbc by identifying, prioritizing, and applying timely patches or updates to rsbi-os 4.7.
- RA-5 (Vulnerability Monitoring and Scanning): Detects the presence of CVE-2025-57141 through vulnerability scanning of the sqlite-jdbc component in rsbi-os systems.
- Input validation: Prevents code injection (CWE-94) exploitation by validating inputs to the sqlite-jdbc interface before processing.
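As an added example of the input-validation control (not code from rsbi-os, from this advisory, or from any project it references), the following Java class allow-lists the subprotocol, host and connection properties of an operator-supplied JDBC URL before the application opens a test connection, and rebuilds the URL from the validated parts so nothing else reaches the driver. The class name, the host names and the allowed subprotocol and property lists are assumptions chosen for illustration.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Set;

/** Allow-list policy for operator-supplied JDBC datasource URLs (hypothetical; not rsbi-os code). */
public final class DatasourceUrlPolicy {
    // Assumption: the deployment knows which database hosts a datasource may legitimately point at.
    private static final Set<String> ALLOWED_HOSTS = Set.of("db1.internal.example", "db2.internal.example");
    private static final Set<String> ALLOWED_SUBPROTOCOLS = Set.of("mysql", "postgresql");
    // Only these driver properties may come from the datasource form; any other key is rejected,
    // so a URL cannot reconfigure how the driver interprets what the server sends back.
    private static final Set<String> ALLOWED_PROPS = Set.of("useSSL", "serverTimezone", "characterEncoding", "connectTimeout");

    /** Returns a canonical URL rebuilt only from validated parts, or throws if any part is off-policy. */
    public static String validate(String jdbcUrl) {
        if (jdbcUrl == null || !jdbcUrl.startsWith("jdbc:")) throw new IllegalArgumentException("not a jdbc: URL");
        URI uri;
        try {
            uri = new URI(jdbcUrl.substring(5)); // "jdbc:" stripped, e.g. mysql://host:3306/db?k=v
        } catch (URISyntaxException e) {
            throw new IllegalArgumentException("malformed JDBC URL", e);
        }
        String scheme = uri.getScheme() == null ? "" : uri.getScheme().toLowerCase();
        String host = uri.getHost() == null ? "" : uri.getHost().toLowerCase();
        if (!ALLOWED_SUBPROTOCOLS.contains(scheme)) throw new IllegalArgumentException("subprotocol not allowed: " + scheme);
        if (!ALLOWED_HOSTS.contains(host)) throw new IllegalArgumentException("host not on allow-list: " + host);
        StringBuilder out = new StringBuilder("jdbc:").append(scheme).append("://").append(host);
        if (uri.getPort() != -1) out.append(':').append(uri.getPort());
        if (uri.getRawPath() != null) out.append(uri.getRawPath());
        String query = uri.getRawQuery(), sep = "?";
        if (query != null && !query.isEmpty()) {
            for (String pair : query.split("&")) {
                int eq = pair.indexOf('=');
                String key = eq < 0 ? pair : pair.substring(0, eq);
                if (!ALLOWED_PROPS.contains(key)) throw new IllegalArgumentException("connection property not allowed: " + key);
                out.append(sep).append(key).append('=').append(eq < 0 ? "" : pair.substring(eq + 1));
                sep = "&";
            }
        }
        return out.toString(); // user-info, fragment and unknown properties never reach the driver
    }

    public static void main(String[] args) {
        System.out.println(validate("jdbc:mysql://DB1.internal.example:3306/sales?useSSL=true"));
        try { validate("jdbc:mysql://203.0.113.10:3306/x?useSSL=false"); } catch (IllegalArgumentException e) { System.out.println(e.getMessage()); }
    }
}
```

Call validate() on the form input and pass only its return value to DriverManager.getConnection(); the check is fail-closed, so an unlisted host, subprotocol or property is refused rather than sanitized.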