Cyber Resilience

CVE-2025-69929

Critical · Public PoC

Published: 29 January 2026

Modified: 27 February 2026
KEV Added
Patch
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0041 (32.3th percentile)
Risk Priority: 70 (floored blend · peak EPSS)

Summary

CVE-2025-69929 is a critical-severity Use of a Broken or Risky Cryptographic Algorithm (CWE-327) vulnerability in N3uron Web User Interface. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 32.3th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SC-13 (Cryptographic Protection).

Deeper analysis

CVE-2025-69929 is a critical privilege escalation vulnerability (CVSS 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) affecting the N3uron Web User Interface version 1.21.7-240207.1047, published on 2026-01-29. The issue stems from client-side password hashing that employs the weak MD5 algorithm on a predictable string format, classified under CWE-327 (Broken Cryptographic Algorithm).

A remote attacker requires no privileges, authentication, or user interaction to exploit this vulnerability over the network with low complexity. Exploitation enables privilege escalation, resulting in high impacts on confidentiality, integrity, and availability.

Vendor advisories, including the page at https://n3uron.com/addressing-cve-2025-69929-in-n3uron-web-user-interface/, address mitigation for this issue in the N3uron Web User Interface. Additional references include the N3uron homepage at http://n3uron.com and a GitHub gist at https://gist.github.com/JoseAbreu28/67f5d8bfc7ba1def526efeda5771a244 detailing the vulnerability, along with the researcher's LinkedIn profile at https://www.linkedin.com/in/joselabreu.

Vulnerability details

An issue in N3uron Web User Interface v.1.21.7-240207.1047 allows a remote attacker to escalate privileges via the password hashing on the client side using the MD5 algorithm over a predictable string format.

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

T1190 Exploit Public-Facing Application (tactic: Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

Remote unauthenticated exploitation of weak client-side MD5 password hashing in a public web UI directly enables initial access via T1190 and subsequent privilege escalation via T1068.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-28252 (shared CWE-327)
CVE-2026-22585 (shared CWE-327)
CVE-2026-21718 (shared CWE-327)
CVE-2022-3365 (shared CWE-327)
CVE-2025-68702 (shared CWE-327)
CVE-2024-41763 (shared CWE-327)
CVE-2024-22347 (shared CWE-327)
CVE-2025-63912 (shared CWE-327)
CVE-2026-34950 (shared CWE-327)
CVE-2026-24785 (shared CWE-327)

Affected Assets

Vendor: n3uron
Product: web user interface
Versions: 1.21.13-250422.0858, 1.21.6-230825.1720, 1.21.7-240207.1047

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) (AI)

Prevent: Requires system authenticators like passwords to have sufficient strength of mechanism, directly mitigating the weak client-side MD5 hashing vulnerable to privilege escalation.

Prevent: Mandates implementation of cryptographic mechanisms with adequate strength, prohibiting broken algorithms like MD5 used in the client-side password hashing.

Prevent: Requires identification, reporting, and timely installation of software updates to remediate flaws such as this predictable MD5 hashing vulnerability.
