CVE-2025-70029
Published: 11 February 2026
Summary
CVE-2025-70029 is a high-severity Improper Certificate Validation (CWE-295) vulnerability in Sunbird-Ed SunbirdEd-portal. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Adversary-in-the-Middle (T1557). The CVE ranks at the 1.4th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
Threat & Defense Details
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
When certificates are used to establish component provenance, the control requires correct certificate validation procedures.
Mandates approved trust anchors and issuance policies, directly preventing acceptance of unvalidated or untrusted certificates.
Correct system time is required for proper enforcement of certificate notBefore/notAfter dates and time-based revocation checks.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Disabling certificate validation (rejectUnauthorized: false) directly enables successful Adversary-in-the-Middle attacks on outbound connections, allowing interception of sensitive data.
NVD Description
An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTP request options.
Deeper analysis
CVE-2025-70029 affects Sunbird-Ed's SunbirdEd-portal version 1.13.4, where the application disables TLS/SSL certificate validation by explicitly setting 'rejectUnauthorized': false in HTTP request options. This configuration leads to improper certificate validation (CWE-295), enabling attackers to obtain sensitive information. The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) and was published on 2026-02-11.
Any network-accessible attacker can exploit this vulnerability with low complexity, requiring no privileges, user interaction, or scope changes. Exploitation allows high-impact confidentiality breaches, such as intercepting sensitive data via man-in-the-middle attacks, as the lack of certificate validation exposes outbound HTTP requests to tampering or eavesdropping.
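A source check for the setting described above, as an added example that is not code from SunbirdEd-portal or the advisory: it scans JavaScript text for `rejectUnauthorized` set to false and for Node.js's process-wide `NODE_TLS_REJECT_UNAUTHORIZED` switch, which has the same effect. The function name, rule ids and sample lines are constructed for illustration.

```javascript
// Patterns that switch off certificate validation for outbound TLS in Node.js.
const RULES = [
  { id: 'reject-unauthorized-false',
    // rejectUnauthorized: false, 'rejectUnauthorized': false, x.rejectUnauthorized = false
    re: /['"]?rejectUnauthorized['"]?\s*[:=]\s*false\b/ },
  { id: 'node-tls-env-disabled',
    // process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0' (dot or bracket access)
    re: /NODE_TLS_REJECT_UNAUTHORIZED['"\]]*\s*=\s*['"]?0\b/ },
];

// Returns [{ line, rule, text }] for every non-comment line that matches a rule.
// Lines that are wholly comments are skipped so a note about the fix is not flagged.
function findDisabledTlsValidation(source) {
  const findings = [];
  source.split(/\r?\n/).forEach((raw, i) => {
    const text = raw.trim();
    if (text.startsWith('//') || text.startsWith('/*') || text.startsWith('*')) return;
    for (const { id, re } of RULES) {
      if (re.test(text)) findings.push({ line: i + 1, rule: id, text });
    }
  });
  return findings;
}

// Remediation for each finding: delete the option (Node.js validates certificates
// by default); for a private CA, supply its certificate through the `ca` option.

// Constructed sample input, not taken from the SunbirdEd-portal repository.
const SAMPLE = [
  "const options = {",                                            // line 1
  "  method: 'GET',",                                             // line 2
  "  url: upstreamUrl,",                                          // line 3
  "  'rejectUnauthorized': false",                                // line 4: finding
  "};",                                                           // line 5
  "// rejectUnauthorized: false was removed here",                // line 6: comment, skipped
  "const safe = { url: upstreamUrl, rejectUnauthorized: true };", // line 7: validation on
  "agentOptions.rejectUnauthorized = false;",                     // line 8: finding
  "process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';",              // line 9: finding
  "process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = \"0\";",         // line 10: finding
].join('\n');

console.log(findDisabledTlsValidation(SAMPLE));
```

The check is textual, so a value assembled at run time (for example from a config flag) needs a review of where the request options are built.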
References for further details include a GitHub Gist at https://gist.github.com/zcxlighthouse/e662c8316f98a1c72735cda4f6bfcfe6, along with the Sunbird-Ed organization page at https://github.com/Sunbird-Ed and the SunbirdEd-portal repository at https://github.com/Sunbird-Ed/SunbirdEd-portal.
Details
- CWE(s)