Cyber Resilience

CVE-2025-70420

Published: 21 April 2026
Modified: 10 June 2026
KEV Added: not listed
Patch: not listed
CVSS Score: N/A
EPSS Score: 0.0004 (12.0th percentile)
Risk Priority: 0 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-70420 is a vulnerability of uncategorised severity with an unspecified weakness type. Its CVSS base score is N/A.

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It is ranked at the 12.0th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2025-70420 is a SQL injection vulnerability in Genesys Latitude version 25.1.0.420. It arises from unsanitized user-supplied input being directly concatenated into SQL statements, enabling an authenticated attacker to execute arbitrary SQL queries against the backend database. The issue is classified under CWE-89 and has a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact on confidentiality, integrity, and availability.

An authenticated attacker with low privileges (PR:L) can exploit this vulnerability over the network (AV:N) with low complexity and no user interaction required. Successful exploitation allows arbitrary SQL query execution, potentially leading to data exfiltration, modification, or deletion in the backend database, as well as denial-of-service conditions.
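The mechanism described above (user input concatenated straight into a SQL statement) and the SI-10 input-validation control named in the summary can be seen side by side in the following added example. It is illustrative code written for this page, not code from Genesys, Latitude, or the referenced research; the `accounts` table, its rows and the use of SQLite as the backend are constructed assumptions.

```python
import re
import sqlite3

# Constructed sample data for the demonstration; not a real product schema.
SAMPLE_ROWS = [
    (1, "alice", "Finance"),
    (2, "bob", "Operations"),
    (3, "carol", "Finance"),
]

# Allowlist for usernames (assumed format): letters, digits, dot, dash, underscore.
USERNAME_RE = re.compile(r"^[A-Za-z0-9._-]{1,64}$")


def make_db():
    """Build an in-memory SQLite database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE accounts (id INTEGER, username TEXT, department TEXT)"
    )
    conn.executemany("INSERT INTO accounts VALUES (?, ?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def lookup_vulnerable(conn, username):
    """The pattern the advisory describes: input concatenated into the SQL text.

    The database engine cannot distinguish the caller's data from query syntax,
    so a quote character in the input changes the structure of the WHERE clause.
    """
    sql = (
        "SELECT id, username, department FROM accounts WHERE username = '"
        + username
        + "'"
    )
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, username):
    """Hardened form: the SQL text is constant and the value is bound separately.

    Whatever the input contains, the engine compares it as a string literal.
    """
    sql = "SELECT id, username, department FROM accounts WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def validate_username(username):
    """Defence in depth in the spirit of SI-10: reject input outside the allowlist
    before it reaches the data layer, independently of how the query is built."""
    return bool(USERNAME_RE.fullmatch(username))


def lookup_hardened(conn, username):
    """Validation followed by a parameterized query; returns None on rejected input."""
    if not validate_username(username):
        return None
    return lookup_parameterized(conn, username)


if __name__ == "__main__":
    db = make_db()
    # Constructed probe input: a stray quote that closes the literal early.
    probe = "' OR '1'='1"
    print("concatenated :", len(lookup_vulnerable(db, probe)), "rows")   # 3
    print("parameterized:", len(lookup_parameterized(db, probe)), "rows")  # 0
    print("validated    :", lookup_hardened(db, probe))                    # None
```

Running the block shows the concatenated query returning every row for the probe input while the parameterized query returns none; the allowlist check rejects the same input before any query runs. Parameterization is the control that removes the injection class; the allowlist is an additional layer that also limits what reaches logging and downstream components.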

Mitigation details are available in advisories from the vendor at http://genesys.com and independent research at https://okunsec.com/research/cve-2025-70420. The vulnerability was published on 2026-04-21T21:16:22.900.

EU & UK References

Vulnerability details

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CWE(s)
None listed

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-generated mapping)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

SQL injection (CWE-89) in a network-accessible application (AV:N) directly enables exploitation via T1190, allowing arbitrary SQL execution for data impact or DoS.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-39334 (shared CWE-89)
CVE-2024-13488 (shared CWE-89)
CVE-2026-20002 (shared CWE-89)
CVE-2025-1446 (shared CWE-89)
CVE-2025-22699 (shared CWE-89)
CVE-2026-36232 (shared CWE-89)
CVE-2026-31871 (shared CWE-89)
CVE-2026-33078 (shared CWE-89)
CVE-2026-46359 (shared CWE-89)
CVE-2025-22691 (shared CWE-89)

Affected Assets

Mitigating Controls (NIST 800-53 r5, AI-generated mapping)

Control type: prevent

Directly prevents SQL injection by requiring validation and sanitization of unsanitized user-supplied inputs before concatenation into SQL statements.

Control type: prevent

Ensures timely identification, prioritization, and remediation of flaws like this SQL injection vulnerability through patching.

Control type: prevent, detect

Facilitates discovery of vulnerabilities such as CVE-2025-70420 via scanning and drives their remediation to prevent exploitation.

References