CVE-2025-65753
Published: 17 February 2026
Summary
CVE-2025-65753 is a high-severity Improper Certificate Validation (CWE-295) vulnerability in Gryphon (inferred from references). Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 8.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-17 (Public Key Infrastructure Certificates) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-65753 is a vulnerability in the TLS certification mechanism of Guardian Gryphon version v01.06.0006.22. Published on 2026-02-17, it is classified under CWE-295 and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H). The flaw enables attackers to execute commands as root on affected systems.
Remote attackers require no privileges to target this vulnerability over the network, but exploitation demands high attack complexity and user interaction. Successful attacks allow arbitrary command execution with root privileges, resulting in high impacts to confidentiality, integrity, and availability.
Advisories and further details, including potential mitigations or patches, are referenced at http://gryphon.com and https://github.com/diegovargasj/CVE-2025-65753.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-207824
Vulnerability details
An issue in the TLS certification mechanism of Guardian Gryphon v01.06.0006.22 allows attackers to execute commands as root.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Improper certificate validation (CWE-295) in public-facing TLS service directly enables remote exploitation for RCE as root.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires validation of PKI certificates by constructing certification paths to trust anchors, addressing the improper TLS certification mechanism flaw.
Mandates timely flaw remediation including patching the specific vulnerability in Guardian Gryphon's TLS certification mechanism to prevent root command execution.
Facilitates detection of the CVE-2025-65753 vulnerability through regular scanning, enabling proactive mitigation of the TLS certification issue.