CVE-2025-24924
Published: 05 March 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-24924 is a critical vulnerability (CVSS score 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) affecting GMOD Apollo, an open-source genome annotation platform. The issue, classified under CWE-306 (Missing Authentication for Critical Function), arises because certain functionality within GMOD Apollo does not require authentication when passed with an administrative username. The vulnerability was published on 2025-03-05.
Remote, unauthenticated attackers with network access to a vulnerable GMOD Apollo instance can exploit this flaw by supplying an administrative username, bypassing authentication controls. Successful exploitation grants high-impact access, enabling attackers to achieve full compromise of the affected system through unauthorized confidentiality breaches, integrity modifications, and availability disruptions.
Mitigation guidance is available in the CISA ICS Advisory ICSA-25-063-07, accessible at https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07. Security practitioners should consult this advisory for patching instructions and recommended workarounds.
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes a missing authentication vulnerability in a public-facing web application (GMOD Apollo), allowing remote unauthenticated attackers to bypass controls and achieve full compromise, directly mapping to exploitation of public-facing applications for initial access.