Cyber Posture

CVE-2025-8322

High

Published: 30 July 2025

Published
30 July 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0021 43.5th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-8322 is a high-severity Missing Authorization (CWE-862) vulnerability in Org (inferred from references). Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 43.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

AC-3 Access Enforcement good match
prevent

Directly mandates enforcement of approved authorizations, addressing the missing authorization checks that allow regular users to access admin functions.

AC-6 Least Privilege good match
prevent

Enforces least privilege to restrict regular users from performing or escalating to administrator actions like account management.

AC-2 Account Management partial match
prevent

Provides procedures for managing accounts, including creation, modification, deletion, and privilege assignment, to mitigate unauthorized account operations.

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
attack.mitre.org →
T1098 Account Manipulation Persistence
Adversaries may manipulate accounts to maintain and/or elevate access to victim systems.
attack.mitre.org →
Why these techniques?

Missing authorization (CWE-862) in a remotely accessible application directly enables low-privileged users to escalate to administrator privileges and perform account creation/modification/deletion, mapping to Exploitation for Privilege Escalation and Account Manipulation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

The e-School from Ventem has a Missing Authorization vulnerability, allowing remote attackers with regular privilege to access administrator functions, including creating, modifying, and deleting accounts. They can even escalate any account to system administrator privilege.

Deeper analysisAI

CVE-2025-8322 is a Missing Authorization vulnerability (CWE-862) affecting the e-School software from Ventem. Published on 2025-07-30, it has a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The issue enables remote attackers possessing regular privileges to bypass authorization checks and access administrator functions.

Attackers with low-privilege (regular user) accounts can exploit this vulnerability remotely over the network with low complexity and no user interaction required. Successful exploitation grants them the ability to create, modify, and delete accounts, including escalating any account to system administrator privileges, resulting in high impacts on confidentiality, integrity, and availability.

Advisories from TWCERT/CC provide further details on mitigation, available at https://www.twcert.org.tw/en/cp-139-10305-2eca0-2.html and https://www.twcert.org.tw/tw/cp-132-10304-6b375-1.html.

Details

CWE(s)
CWE-862

Affected Products

Org
inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2026-25045Shared CWE-862
CVE-2025-8310Shared CWE-862
CVE-2026-35182Shared CWE-862
CVE-2026-4261Shared CWE-862
CVE-2025-8898Shared CWE-862
CVE-2025-9054Shared CWE-862
CVE-2026-21743Shared CWE-862
CVE-2026-4003Shared CWE-862
CVE-2025-26368Shared CWE-862
CVE-2025-26377Shared CWE-862

References