CVE-2025-59785
Published: 04 March 2026
Summary
CVE-2025-59785 is a high-severity Improper Validation of Syntactic Correctness of Input (CWE-1286) vulnerability in 2N Access Commander. Its CVSS base score is 7.2 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It is ranked at the 14.5th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
Threat & Defense Details
MITRE ATT&CK Enterprise Techniques (AI-generated)
Why these techniques?
Direct exploitation of a public-facing API endpoint (T1190) to bypass the backup-encryption password policy, resulting in credential exposure via weakly protected backup files (T1552.001).
NVD Description
Improper validation of an API endpoint in 2N Access Commander version 3.4.2 and prior allows an attacker to bypass the password policy for backup file encryption. This vulnerability can only be exploited after authenticating with administrator privileges.
Deeper analysis (AI-generated)
CVE-2025-59785 is an improper input validation vulnerability in an API endpoint of 2N Access Commander version 3.4.2 and prior. It enables an authenticated attacker to bypass the password policy enforced for backup file encryption. The issue is cataloged under CWE-1286 and carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). The vulnerability was published on 2026-03-04.
Exploitation requires an attacker to first authenticate with administrator privileges on the affected system. Once authenticated, the attacker can invoke the vulnerable API endpoint to circumvent password policy requirements during backup file creation, potentially resulting in weakly protected backups that expose sensitive configuration data, user credentials, or access control information. The high-impact CVSS vector indicates significant confidentiality, integrity, and availability consequences in a network-accessible environment with low attack complexity.
The vendor 2N has issued an advisory detailing mitigation, available at https://www.2n.com/en-GB/download/cve_2025_59785_acom_3_5_v1pdf; the fix ships in Access Commander version 3.5. Security practitioners should upgrade promptly and review access logs for unauthorized administrator activity on vulnerable installations.
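The root cause described above, a password policy that one API path can reach without passing through, is a CWE-1286 pattern that is easiest to see in code. The following is an added example written for this page, not 2N's code; the policy rules, the endpoint names and the PBKDF2 key derivation are all hypothetical stand-ins. It contrasts a layout where the check lives in one endpoint handler with one where every endpoint must go through a single validated core routine.

```python
import hashlib
import os
import re

# Hypothetical policy for this example; the page does not state the real one.
MIN_LEN = 12

def password_meets_policy(pw: str) -> bool:
    """Syntactic policy check for a backup-encryption password."""
    return (len(pw) >= MIN_LEN
            and re.search(r"[a-z]", pw) is not None
            and re.search(r"[A-Z]", pw) is not None
            and re.search(r"[0-9]", pw) is not None)

def derive_backup_key(pw: str, salt: bytes) -> bytes:
    """Key derivation for the backup archive (stand-in for the product's own)."""
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 200_000)

# Weak layout: the policy check lives in one endpoint handler, so a second
# endpoint that reaches the same key-derivation routine never enforces it.
def weak_create_backup_ui(pw: str) -> bytes:
    if not password_meets_policy(pw):
        raise ValueError("password does not meet backup encryption policy")
    return derive_backup_key(pw, os.urandom(16))

def weak_create_backup_api(pw: str) -> bytes:
    return derive_backup_key(pw, os.urandom(16))   # no policy check on this path

# Hardened layout: validation happens once, in the core routine that every
# endpoint must call, so no endpoint can reach encryption without it.
def create_backup(pw: str) -> bytes:
    if not password_meets_policy(pw):
        raise ValueError("password does not meet backup encryption policy")
    return derive_backup_key(pw, os.urandom(16))

def hardened_create_backup_ui(pw: str) -> bytes:
    return create_backup(pw)

def hardened_create_backup_api(pw: str) -> bytes:
    return create_backup(pw)

def endpoint_enforces_policy(handler) -> bool:
    """Regression check: a weak password must be rejected on the given path."""
    try:
        handler("weak")
    except ValueError:
        return True
    return False
```

The `endpoint_enforces_policy` check is the kind of per-endpoint regression test that catches this class of bug before release: every path that can produce a backup is exercised with a policy-violating password and must reject it.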
Details
- CWE(s)