Cyber Posture

CVE-2025-10713

Medium

Published: 05 November 2025

Published: 05 November 2025
Modified: 04 December 2025
KEV Added: not listed
Patch: not listed
CVSS Score: 6.5 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H)
EPSS Score: 0.0007 (21.8th percentile)
Risk Priority: 13 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

Security Summary

CVE-2025-10713 is an XML External Entity (XXE) vulnerability, mapped to CWE-611, affecting multiple WSO2 products. The issue arises from improper configuration of the XML parser, which processes user-supplied XML input without sufficient restrictions on external entity resolution. Published on 2025-11-05T18:15:32.247, it carries a CVSS v3.1 base score of 6.5 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H).

A remote, unauthenticated attacker can exploit this vulnerability by submitting malicious XML payloads. Successful exploitation enables the attacker to read sensitive files from the server's filesystem or perform denial-of-service (DoS) attacks that render affected services unavailable, with high impacts on confidentiality and availability.

The primary advisory from WSO2 is available at https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4505/, which security practitioners should review for detailed mitigation guidance, patches, and affected product versions.
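The summary above attributes the flaw to an XML parser that accepts user-supplied input without restricting external entity resolution. As an added example (not WSO2's code and not part of the advisory), the following Python standard-library routine shows the intake-side mitigation for that class of bug: refuse any DOCTYPE, entity declaration or external entity reference before a single element is processed, which closes both the file-disclosure path and the entity-expansion denial of service. The sample documents are constructed for the demonstration, with a placeholder path in place of any real file; WSO2 products are Java, but the same settings exist there under different names (noted after the code).

```python
"""Hardened intake for untrusted XML: reject DTD and entity machinery outright.

Added example, not project code. Uses only xml.parsers.expat from the
Python standard library; sample inputs below are constructed for the test.
"""
import xml.parsers.expat as expat


class UnsafeXMLError(ValueError):
    """Raised when untrusted XML carries a DTD, entity or external reference."""


def parse_untrusted_xml(data: bytes) -> dict:
    """Parse XML from an untrusted source into {tag: [text, ...]}.

    The document is rejected as soon as a DOCTYPE, an entity declaration or
    an external entity reference appears, so neither external file reads nor
    entity-expansion DoS can occur. Only leaf text is collected; attributes
    are ignored to keep the example focused on the parser hardening.
    """
    parser = expat.ParserCreate()
    parser.buffer_text = True  # deliver contiguous character data in one call
    # Never read parameter entities (DTD-level includes) from anywhere.
    parser.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)

    result: dict = {}
    stack: list = []

    def reject(kind: str):
        # Any handler raising here aborts Parse() with the exception below.
        def handler(*_args):
            raise UnsafeXMLError(f"rejected untrusted XML: {kind} not allowed")
        return handler

    # A DOCTYPE is the only way to declare entities, so refusing it alone
    # blocks XXE; the other handlers are defence in depth.
    parser.StartDoctypeDeclHandler = reject("DOCTYPE declaration")
    parser.EntityDeclHandler = reject("entity declaration")
    parser.UnparsedEntityDeclHandler = reject("unparsed entity declaration")
    parser.ExternalEntityRefHandler = reject("external entity reference")

    def start(name, _attrs):
        stack.append(name)

    def end(_name):
        stack.pop()

    def chars(text):
        if stack and text.strip():
            result.setdefault(stack[-1], []).append(text)

    parser.StartElementHandler = start
    parser.EndElementHandler = end
    parser.CharacterDataHandler = chars
    parser.Parse(data, True)
    return result


def is_safe(data: bytes) -> bool:
    """True if the document parsed under the hardened rules; malformed input
    and any DTD/entity usage both count as rejected."""
    try:
        parse_untrusted_xml(data)
        return True
    except (UnsafeXMLError, expat.ExpatError):
        return False


# Constructed samples (placeholder path; no real file is referenced).
BENIGN = b"<order><item>widget</item><qty>2</qty></order>"
EXTERNAL_ENTITY_SAMPLE = (
    b'<?xml version="1.0"?>'
    b'<!DOCTYPE order [<!ENTITY ext SYSTEM "file:///PLACEHOLDER/secret.txt">]>'
    b"<order><item>&ext;</item></order>"
)
EXPANSION_SAMPLE = (
    b'<!DOCTYPE lol [<!ENTITY a "aaaa"><!ENTITY b "&a;&a;&a;&a;">]>'
    b"<order>&b;</order>"
)

if __name__ == "__main__":
    print(parse_untrusted_xml(BENIGN))
    for sample in (EXTERNAL_ENTITY_SAMPLE, EXPANSION_SAMPLE):
        print("accepted" if is_safe(sample) else "rejected")
```

In Java, the stack WSO2 products run on, the equivalent of the DOCTYPE rejection is setting the `http://apache.org/xml/features/disallow-doctype-decl` feature to true on the `DocumentBuilderFactory` (or `SAXParserFactory`) together with `XMLConstants.FEATURE_SECURE_PROCESSING`; the patched versions named in the WSO2 advisory are the authoritative fix for the affected products.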

Details

CWE(s): CWE-611

Affected Products (vendor, product: versions)

wso2 api control plane: 4.5.0
wso2 api manager: 3.1.0, 3.2.0, 3.2.1, 4.0.0, 4.1.0
wso2 enterprise integrator: 6.6.0
wso2 identity server: 5.10.0, 5.11.0, 7.1.0
wso2 open banking am: 2.0.0
wso2 open banking iam: 2.0.0
wso2 traffic manager: 4.5.0
wso2 universal gateway: 4.5.0

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
  Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1005 Data from Local System (Collection)
  Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.

T1499.004 Application or System Exploitation (Impact)
  Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

An XXE vulnerability in public-facing WSO2 products maps to exploitation of a public-facing application (T1190), arbitrary file reads from the server filesystem (T1005), and denial of service via entity expansion (T1499.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0
