Cyber Resilience

CVE-2025-8769

Critical

Published: 24 December 2025

Published
24 December 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0089 54.8th percentile
Risk Priority 19 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-8769 is a critical-severity Improper Input Validation (CWE-20) vulnerability in Megasys (inferred from references). Its CVSS base score is 9.3 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 45.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).

Deeper analysis

Telenium Online Web Application contains a vulnerability in the Perl script responsible for loading the login page. Improper input validation (CWE-20) allows arbitrary Perl code to be injected through a crafted HTTP request, resulting in remote code execution on the server. The issue is rated 9.3 under CVSS 4.0 with network attack vector, no authentication or user interaction required, and full impact on confidentiality, integrity, and availability.

An unauthenticated remote attacker can exploit the flaw by submitting malicious input in an HTTP request to the login page, enabling arbitrary code execution and complete server compromise.

CISA advisory ICSA-24-263-04 and the associated CSAF document direct users to Megasis support resources for mitigation guidance and available patches.

The EPSS score rose from a low baseline to a peak of 0.0193, indicating increased exploitation interest after disclosure.

EU & UK References

Vulnerability details

Telenium Online Web Application is vulnerable due to a Perl script that is called to load the login page. Due to improper input validation, an attacker can inject arbitrary Perl code through a crafted HTTP request, leading to remote code…

more

execution on the server.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability enables unauthenticated remote code execution through improper input validation in a public-facing web application's Perl script, directly facilitating T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-43347Shared CWE-20
CVE-2025-20393Shared CWE-20
CVE-2026-26106Shared CWE-20
CVE-2026-26063Shared CWE-20
CVE-2026-22567Shared CWE-20
CVE-2026-48188Shared CWE-20
CVE-2025-54385Shared CWE-20
CVE-2025-48913Shared CWE-20
CVE-2026-29135Shared CWE-20
CVE-2025-9060Shared CWE-20

Affected Assets

Megasys
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mandates validation of HTTP request inputs to the Perl login script, preventing arbitrary Perl code injection due to improper input validation.

prevent

Requires timely identification, reporting, and correction of the specific flaw in the Perl script's input handling to eliminate the RCE vulnerability.

detectrespond

Enables vulnerability scanning to detect the improper input validation issue in the login page Perl script, facilitating prompt remediation.

References