Cyber Resilience

CVE-2025-59895

High

Published: 28 January 2026

Published
28 January 2026
Modified
10 February 2026
KEV Added
Patch
CVSS Score v4 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0037 28.4th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2025-59895 is a high-severity Improper Input Validation (CWE-20) vulnerability in Flexense Diskpulse. Its CVSS base score is 8.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 28.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2025-59895 is a remote denial-of-service (DoS) vulnerability in the configuration restore functionality of Sync Breeze Enterprise Server version 10.4.18 and Disk Pulse Enterprise version 10.4.18. The issue arises from insufficient validation of user-supplied data (CWE-20), allowing malicious input to corrupt the configuration file. Published on 2026-01-28, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating high availability impact with no confidentiality or integrity effects.

An unauthenticated remote attacker can exploit this vulnerability by sending crafted requests over the network to the affected service. Successful exploitation alters the configuration file, rendering the application unresponsive and potentially preventing the service from restarting, even manually. Recovery may necessitate a complete reinstallation, as the corruption can make the service irrecoverable without intervention.

The INCIBE-CERT advisory on multiple vulnerabilities in Flexense products provides additional details: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-flexense-products.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service (DoS) vulnerability in the configuration restore functionality. The issue is due to insufficient validation of user-supplied data during this process. An attacker could send malicious requests…

more

to alter the configuration file, causing the application to become unresponsive. In a successful scenario, the service may not recover on its own and require a complete reinstallation, as the configuration becomes corrupted and prevents the service from restarting, even manually.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Direct remote unauthenticated exploitation of a public-facing server application (T1190) via crafted input to trigger application/system DoS through exploitation (T1499.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-59892Same product: Flexense Diskpulse
CVE-2025-59893Same product: Flexense Diskpulse
CVE-2025-59891Same product: Flexense Diskpulse
CVE-2025-59894Same product: Flexense Diskpulse
CVE-2020-36946Same product: Flexense Syncbreeze
CVE-2020-37100Same product: Flexense Syncbreeze
CVE-2020-36927Same product: Flexense Diskpulse
CVE-2026-21864Shared CWE-20
CVE-2025-20142Shared CWE-20
CVE-2025-69232Shared CWE-20

Affected Assets

flexense
diskpulse
10.4.18
flexense
syncbreeze
10.4.18

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly addresses the insufficient validation of user-supplied data (CWE-20) during configuration restore, preventing malicious inputs from corrupting the configuration file.

preventdetect

Protects against remote denial-of-service attacks by limiting effects and detecting malicious requests targeting the configuration restore functionality.

recover

Provides procedures for system recovery and reconstitution after configuration corruption, mitigating the need for complete reinstallation.

References