Cyber Posture

CVE-2025-34515

CriticalPublic PoC

Published: 16 October 2025

Published
16 October 2025
Modified
06 November 2025
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0016 36.4th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Security Summary

CVE-2025-34515 is an execution with unnecessary privileges vulnerability (CWE-250) in the sync_project.sh script of Ilevia EVE X1 Server firmware versions up to and including 4.7.18.0.eden. Published on 2025-10-16, it allows an attacker to escalate privileges to root level.

The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), making it remotely exploitable over the network with low attack complexity, no required privileges or user interaction, and high impact on confidentiality, integrity, and availability. An unauthenticated attacker who can reach the affected service can leverage this flaw to gain full root access on the device.

Ilevia has declined to service or patch this vulnerability, recommending instead that customers not expose port 8080 to the internet. Further technical details are provided in advisories from VulnCheck and Zero Science Lab.

Details

CWE(s)
CWE-250

Affected Products

ilevia
eve x1 server firmware
≤ 4.7.18.0

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
attack.mitre.org →
Why these techniques?

CVE-2025-34515 enables unauthenticated remote exploitation of a public-facing application (port 8080) for direct root privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References