
CVE-2025-57141

Critical · Public PoC · RCE

Published: 08 September 2025

Modified: 12 September 2025
KEV Added: not listed
Patch: none referenced
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0169 (82.6th percentile)
Risk Priority: 21 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-57141 is a critical-severity Code Injection (CWE-94) vulnerability in Ruisitech Ruisibi. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 17.4% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).

Deeper analysis

rsbi-os version 4.7 is affected by a remote code execution vulnerability in its sqlite-jdbc component. The issue is tracked as CVE-2025-57141, carries a CVSS v3.1 score of 9.8, and is classified as CWE-94 (Improper Control of Generation of Code, i.e. code injection).

The vulnerability can be exploited by unauthenticated attackers over the network with low attack complexity and no user interaction required. Successful exploitation grants complete control over confidentiality, integrity, and availability on the affected system.

Public references consist of a GitHub issue report and the rsbi-os project repository; neither source describes available patches or specific mitigation steps. The associated EPSS score remains flat at 0.0169 with no observed increase after disclosure.


Vulnerability details

rsbi-os 4.7 is vulnerable to Remote Code Execution (RCE) in sqlite-jdbc.

CWE(s)

CWE-94: Improper Control of Generation of Code ('Code Injection')

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-assigned)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability in the rsbi-os web application allows unauthenticated remote code execution via JDBC deserialization gadget chains (e.g., CommonsCollections6) when a crafted datasource connection to a malicious MySQL server is tested, which is exploitation of a public-facing application.

CVEs Like This One

CVE-2025-13773 (shared CWE-94)
CVE-2025-50692 (shared CWE-94)
CVE-2026-30643 (shared CWE-94)
CVE-2026-30460 (shared CWE-94)
CVE-2025-71243 (shared CWE-94)
CVE-2026-44262 (shared CWE-94)
CVE-2024-13792 (shared CWE-94)
CVE-2020-37052 (shared CWE-94)
CVE-2026-42555 (shared CWE-94)
CVE-2025-65037 (shared CWE-94)

Affected Assets

Vendor: ruisitech
Product: ruisibi
Version: 4.7

Mitigating Controls (NIST 800-53 r5, AI-assigned)

prevent (SI-2, Flaw Remediation): Directly remediates the RCE vulnerability in sqlite-jdbc by identifying, prioritizing, and applying timely patches or updates to rsbi-os 4.7.

detect (RA-5, Vulnerability Monitoring and Scanning): Detects the presence of CVE-2025-57141 through vulnerability scanning of the sqlite-jdbc component in rsbi-os systems.

prevent: Prevents code injection (CWE-94) exploitation by validating inputs to the sqlite-jdbc interface before processing.
