CVE-2025-25535
Published: 26 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-25535 is a critical HTTP response manipulation vulnerability affecting SCRIPT CASE version 1.0.002 Build7. It enables a remote attacker to escalate privileges through a specially crafted HTTP request, as indicated by its association with CWE-276. The vulnerability received a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), highlighting its severe potential impact due to high confidentiality, integrity, and availability consequences with no prerequisites for exploitation beyond network access.
Any unauthenticated remote attacker can exploit this vulnerability by sending a malicious HTTP request to a vulnerable SCRIPT CASE instance. Successful exploitation allows privilege escalation, potentially granting unauthorized high-level access to the application or underlying system, which could lead to full compromise including data exfiltration, modification, or disruption of services.
Advisories and additional details are available in referenced sources, including a GitHub research repository at https://github.com/simalamuel/Research/tree/main/CVE-2025-25535 and a BeSafe Brasil advisory at https://www.besafebrasil.com.br/script-case-cve-2025-xx-xxxx/, which may provide guidance on detection, patches, or workarounds.
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is an unauthenticated remote exploit in a public-facing web application (SCRIPT CASE) that directly enables privilege escalation via crafted HTTP requests, mapping to T1190 (Exploit Public-Facing Application) for initial access and T1068 (Exploitation for Privilege Escalation) for the core impact.