Cyber Resilience

CVE-2025-58443

CriticalPublic PoC

Published: 06 September 2025

Published
06 September 2025
Modified
29 September 2025
KEV Added
Patch
CVSS Score v4 9.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0989 93.2th percentile
Risk Priority 26 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-58443 is a critical-severity Improper Authentication (CWE-287) vulnerability in Fogproject Fogproject. Its CVSS base score is 9.9 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 6.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).

Deeper analysis

FOG, an open-source cloning, imaging, rescue, and inventory management system, is affected by an authentication bypass vulnerability in versions 1.5.10.1673 and earlier. The flaw, tracked under CWE-287 and CWE-306, permits an unauthenticated attacker to trigger a full SQL database dump and retrieve all contents without supplying credentials.

An attacker with network access can exploit the issue directly against an exposed FOG instance to obtain the complete database, resulting in disclosure of sensitive data and potential follow-on integrity or availability impacts. The CVSS 4.0 score of 9.9 reflects the absence of required privileges or user interaction and the high impact across confidentiality, integrity, and scope.

Advisories from the FOG Project state that a fix is scheduled for release on 9/15/2025; in the interim, administrators are directed to upgrade immediately to the latest build on either the dev-branch or working-1.6 branch, following the documented upgrade steps at the project site. The associated GitHub Security Advisories provide additional technical detail on the issue.

The EPSS score reached a peak of 0.1225 on 2026-04-29 before receding to the current value of 0.0989.

EU & UK References

Vulnerability details

FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1673 and below contain an authentication bypass vulnerability. It is possible for an attacker to perform an unauthenticated DB dump where they could pull a full SQL DB without credentials.…

more

A fix is expected to be released 9/15/2025. To address this vulnerability immediately, upgrade to the latest version of either the dev-branch or working-1.6 branch. This will patch the issue for users concerned about immediate exposure. See the FOG Project documentation for step-by-step upgrade instructions: https://docs.fogproject.org/en/latest/install-fog-server#choosing-a-fog-version.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Authentication bypass in public-facing FOG server directly enables remote exploitation to dump database contents without credentials.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-7042Shared CWE-287, CWE-306
CVE-2025-11942Shared CWE-287, CWE-306
CVE-2026-6577Shared CWE-287, CWE-306
CVE-2026-6582Shared CWE-287, CWE-306
CVE-2026-6129Shared CWE-287, CWE-306
CVE-2026-5676Shared CWE-287, CWE-306
CVE-2026-4562Shared CWE-287, CWE-306
CVE-2026-7723Shared CWE-287, CWE-306
CVE-2026-5000Shared CWE-287, CWE-306
CVE-2026-6126Shared CWE-287, CWE-306

Affected Assets

fogproject
fogproject
≤ 1.5.10.1673

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

AC-14 explicitly prohibits sensitive actions like unauthenticated database dumps by defining and restricting permitted actions without identification or authentication.

prevent

AC-3 enforces approved authorizations for access to system resources, directly preventing unauthorized extraction of the full SQL database.

prevent

SI-2 requires timely identification, reporting, and correction of flaws such as this authentication bypass via patching or upgrades.

References