Cyber Resilience

CVE-2025-7024

MediumUpdated

Published: 03 April 2026

Published
03 April 2026
Modified
27 May 2026
KEV Added
Patch
CVSS Score v4 5.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0001 2.8th percentile
Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-7024 is a medium-severity Incorrect Default Permissions (CWE-276) vulnerability in Airbus Tetra Connectivity Server. Its CVSS base score is 5.6 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 2.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and CM-6 (Configuration Settings).

Deeper analysis

CVE-2025-7024 is an Incorrect Default Permissions vulnerability (CWE-276) in the AIRBUS PSS TETRA Connectivity Server version 7.0 on Windows Server OS. The flaw stems from improper default permissions on a directory, enabling privilege abuse.

A local attacker with low privileges can exploit this issue by tricking or directing a user to place a crafted file into the vulnerable directory, leading to arbitrary code execution with SYSTEM privileges. The CVSS v3.1 base score of 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) reflects low attack complexity and the need for user interaction, but high impacts on confidentiality, integrity, and availability upon success.

A vulnerability fix is available and has been delivered to impacted customers. Additional details on CWE-276 are available at https://cwe.mitre.org/data/definitions/276.html.

EU & UK References

Vulnerability details

Incorrect Default Permissions vulnerability in AIRBUS PSS TETRA Connectivity Server on Windows Server OS allows Privilege Abuse. An attacker may execute arbitrary code with SYSTEM privileges if a user is tricked or directed to place a crafted file into the…

more

vulnerable directory. This issue affects TETRA connectivity Server: 7.0. Vulnerability fix is available and delivered to impacted customers.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Improper directory permissions (CWE-276) directly enable local low-privileged attacker to achieve SYSTEM-level arbitrary code execution via crafted file placement.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-26131Same vendor: Microsoft
CVE-2026-9932Same product: Microsoft Windows
CVE-2026-7994Same product: Microsoft Windows
CVE-2026-9890Same product: Microsoft Windows
CVE-2026-2123Same product: Microsoft Windows
CVE-2026-8573Same product: Microsoft Windows
CVE-2026-8510Same product: Microsoft Windows
CVE-2026-9966Same product: Microsoft Windows
CVE-2026-7911Same product: Microsoft Windows
CVE-2026-7917Same product: Microsoft Windows

Affected Assets

airbus
tetra connectivity server
7.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates the CVE by identifying, reporting, and applying the available vulnerability fix that corrects the improper default directory permissions.

prevent

Mandates establishment of secure configuration settings, including restrictive directory permissions, to prevent low-privilege users from placing crafted files in the vulnerable directory.

prevent

Enforces the principle of least privilege to ensure low-privilege attackers cannot write files to directories executed with SYSTEM privileges, addressing the privilege abuse vector.

References