
CVE-2025-70982

Critical · Public PoC

Published: 26 January 2026
Modified: 12 February 2026
KEV Added: not listed
CVSS Score (v3.1): 9.9 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
EPSS Score: 0.0030 (21.1st percentile)
Risk Priority: 70 (floored blend · peak EPSS)

Summary

CVE-2025-70982 is a critical-severity Improper Access Control (CWE-284) vulnerability in Bladex Springblade. Its CVSS base score is 9.9 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks it at the 21.1st percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-24 (Access Control Decisions) and AC-3 (Access Enforcement).

Deeper analysis

CVE-2025-70982 is an incorrect access control vulnerability in the importUser function of SpringBlade version 4.5.0. This flaw, associated with CWE-284, enables unauthorized handling of user data import operations due to improper permission checks. The vulnerability carries a CVSS v3.1 base score of 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H), indicating critical severity with network accessibility, low attack complexity, and significant impacts across confidentiality, integrity, and availability.

An attacker with low-level privileges can exploit this vulnerability remotely without user interaction. By invoking the importUser function, they can arbitrarily import sensitive user data, potentially leading to unauthorized data exposure, modification, or disruption; because the CVSS scope is changed (S:C), the impact extends beyond the component the low-privilege account could initially reach.

Advisories and further details are available in the referenced sources, including a GitHub Gist at https://gist.github.com/old6ma/ea60151aa40ddc1cfb51fbaa0c173117, the SpringBlade repository at https://github.com/chillzhuang/SpringBlade, and issue #34 at https://github.com/chillzhuang/SpringBlade/issues/34, which may provide guidance on patches or mitigations.


Vulnerability details

Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sensitive user data.

CWE(s): CWE-284 Improper Access Control

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-assessed)

- T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
- T1068 Exploitation for Privilege Escalation (Privilege Escalation): Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Why these techniques?

Remote exploitation of the public-facing application through the missing authorization check on importUser enables initial access (T1190) and leads to privilege escalation (T1068), with high impact on user data.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

- CVE-2025-70983 (same product: Bladex Springblade)
- CVE-2025-57130 (shared CWE-284)
- CVE-2025-24989 (shared CWE-284)
- CVE-2026-22011 (shared CWE-284)
- CVE-2026-21636 (shared CWE-284)
- CVE-2026-4947 (shared CWE-284)
- CVE-2025-55244 (shared CWE-284)
- CVE-2026-44926 (shared CWE-284)
- CVE-2026-34309 (shared CWE-284)
- CVE-2026-24304 (shared CWE-284)

Affected Assets

Vendor: bladex
Product: springblade
Version: 4.5.0

Mitigating Controls (NIST 800-53 r5, AI-assessed)

- Prevent: AC-3 Access Enforcement. Enforces approved authorizations for access to the importUser function, directly preventing low-privilege attackers from arbitrarily importing sensitive user data due to improper permission checks.
- Prevent: AC-6 Least Privilege. Applies least privilege to restrict low-level privilege accounts from performing unauthorized sensitive user data import operations in SpringBlade.
- Prevent: AC-24 Access Control Decisions. Requires the system to make explicit access control decisions prior to allowing invocation of the importUser function, addressing the lack of proper permission checks.
