CVE-2025-8748
Published: 08 August 2025
Summary
CVE-2025-8748 is a high-severity OS Command Injection (CWE-78) vulnerability in Mobile Industrial Robots (MiR) software (vendor inferred from references). Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 17.0% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
MiR software versions prior to 3.0.0 contain a command injection vulnerability tracked as CVE-2025-8748 and assigned CWE-78. The flaw resides in the handling of HTTP requests and permits an authenticated user to supply crafted input that results in execution of arbitrary operating-system commands. The issue carries a CVSS 3.1 base score of 8.8 with network attack vector, low complexity, and low privileges required.
An attacker who already possesses valid credentials can send a malicious HTTP request to the affected MiR instance and obtain full command execution on the underlying host. Successful exploitation yields complete confidentiality, integrity, and availability impact on the system, allowing the attacker to run any command permitted by the service account.
Vendor advisories published by Mobile Industrial Robots direct users to upgrade to version 3.0.0 or later and reference the MiR Cybersecurity Guide for additional hardening steps; the advisories are located at the URLs listed in the CVE record. The associated EPSS score remains low at 0.0175 with no material increase since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-23984
Vulnerability details
MiR software versions prior to version 3.0.0 are affected by a command injection vulnerability. A malicious HTTP request crafted by an authenticated user could allow the execution of arbitrary commands on the underlying operating system.
- CWE(s): CWE-78 (OS Command Injection)
Related Threats
MITRE ATT&CK Enterprise Techniques
- Exploit Public-Facing Application (T1190)
- Command and Scripting Interpreter (T1059)
Why these techniques?
Command injection vulnerability directly enables remote arbitrary OS command execution via crafted HTTP requests to a public-facing application (T1190) and use of command/scripting interpreters (T1059).
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): Directly prevents command injection by requiring validation and sanitization of HTTP request inputs so that payloads targeting OS command execution are rejected.
- SI-2 (Flaw Remediation): Ensures timely remediation of the specific command injection flaw through identification, reporting, and patching to MiR software version 3.0.0 or later.
- Least privilege: Limits damage from authenticated low-privilege exploitation by enforcing least privilege on users and processes, restricting what an injected OS command could do.
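To make the SI-10 control concrete, the following is an added example written for this page; it is not MiR code and does not reproduce the actual flaw in the product. It assumes a hypothetical diagnostics endpoint that takes a `host` parameter from an authenticated HTTP request and forwards it to the `ping` tool. The vulnerable form interpolates the raw parameter into a string handed to `sh -c`, where shell metacharacters are honoured (CWE-78); the hardened form allowlists the parameter with a hostname grammar and passes an argv list with `shell=False`, so nothing reaches a shell parser. The `looks_like_injection` helper is a constructed heuristic a defender might use to tag rejected input for alerting.

```python
"""Added example (not MiR code): CWE-78 pattern beside its hardened form."""
import re
import subprocess

# --- Vulnerable pattern (for contrast only; never execute user input this way) ---
def build_shell_command_vulnerable(hostname: str) -> str:
    # The raw parameter lands inside a string that a shell will tokenise, so
    # ';', '|', '$(...)' and similar in `hostname` become new commands.
    return f"ping -c 1 {hostname}"

# --- Hardened pattern: allowlist validation (SI-10) + no shell ---
# Hostname grammar: labels of letters/digits/hyphens, no leading/trailing hyphen,
# joined by dots. Dotted IPv4 literals also satisfy it. Anything else is rejected,
# including a leading '-' that could otherwise be parsed as an option by the tool.
HOSTNAME_RE = re.compile(
    r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*"
)

def validate_hostname(hostname: str) -> bool:
    return len(hostname) <= 253 and HOSTNAME_RE.fullmatch(hostname) is not None

def build_argv_hardened(hostname: str) -> list[str]:
    if not validate_hostname(hostname):
        raise ValueError("rejected host parameter")
    # Each element becomes one argv entry via execve; no shell parsing occurs.
    return ["ping", "-c", "1", hostname]

SHELL_META = set(";|&$`\n\r<>(){}'\"\\")

def looks_like_injection(value: str) -> bool:
    # Constructed detection heuristic: rejected input containing shell
    # metacharacters is worth an alert, not just a 400 response.
    return any(ch in SHELL_META for ch in value)

def handle_request(params: dict) -> dict:
    """Hypothetical request handler: validates, then builds argv (never a shell string)."""
    hostname = params.get("host", "")
    if not validate_hostname(hostname):
        return {
            "ok": False,
            "error": "invalid host parameter",
            "alert": looks_like_injection(hostname),
        }
    return {"ok": True, "argv": build_argv_hardened(hostname)}

def run_diagnostic(argv: list[str]) -> subprocess.CompletedProcess:
    # shell=False is the default, stated explicitly here for emphasis. Run the
    # service under a dedicated low-privilege account so that even a future
    # validation bypass cannot act as root (least privilege).
    return subprocess.run(argv, shell=False, capture_output=True, text=True, timeout=10)

if __name__ == "__main__":
    # Constructed sample requests: one benign, three hostile.
    for req in ({"host": "mir-robot.local"},
                {"host": "10.0.0.1; id"},
                {"host": "$(id)"},
                {"host": "-f"}):
        print(req, "->", handle_request(req))
    print("vulnerable string for hostile input:",
          repr(build_shell_command_vulnerable("10.0.0.1; id")))
```

Usage note: the key design choice is that validation happens on the way in and the OS tool is invoked with an argv list, so the two defences are independent; if the allowlist is ever loosened, the absence of a shell still prevents command chaining, and the regex's leading-alphanumeric rule still prevents option injection into the tool itself.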