Cyber Posture

CVE-2025-54347

Severity: Critical
Published: 24 November 2025
Modified: 05 December 2025
KEV Added: (none shown)
Patch: (none shown)
CVSS Score: 9.9 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
EPSS Score: 0.0030 (53.2nd percentile)
Risk Priority: 20 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

A Directory Traversal vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to write arbitrary files under certain conditions.

Mitigating Controls (NIST 800-53 r5) [AI-generated]

- Prevent: Directly prevents directory traversal attacks by validating file path inputs to reject traversal sequences like '../'.
- Prevent: Mitigates the specific CVE by requiring timely patching of the directory traversal flaw in the PingAlert Application Server.
- Prevent: Limits damage from low-privilege exploitation by ensuring the application server operates with minimal privileges, restricting arbitrary file writes.

Security Summary [AI-generated]

CVE-2025-54347 is a Directory Traversal vulnerability (CWE-22) in the Application Server component of Desktop Alert PingAlert software, affecting versions 6.1.0.11 through 6.1.1.2. The flaw allows an attacker to write arbitrary files under certain conditions, earning a CVSS v3.1 base score of 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H), indicating critical severity due to its network accessibility, low attack complexity, and high impacts across confidentiality, integrity, and availability.

An attacker with low privileges (PR:L), such as an authenticated user, can exploit this vulnerability remotely over the network without user interaction. Successful exploitation enables writing arbitrary files, potentially leading to remote code execution, data tampering, or system compromise given the changed scope (S:C) and high impact ratings.

Mitigation details are available in the vendor advisory at https://desktopalert.net/cve-2025-54347/. Security practitioners should review it for patching instructions and workarounds specific to affected PingAlert deployments.

Details

CWE(s): CWE-22 (Improper Limitation of a Pathname to a Restricted Directory, i.e. Path Traversal)

Affected Products

Vendor: desktopalert
Product: pingalert application server
Versions: 6.1.0.11 to 6.1.1.6

MITRE ATT&CK Enterprise Techniques [AI-generated]

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

The directory traversal vulnerability in a network-accessible application server (AV:N) directly enables exploitation of a public-facing application for arbitrary file writes, potentially leading to RCE and system compromise.

Confidence: HIGH (MITRE ATT&CK Enterprise v19.0)

References

Vendor advisory: https://desktopalert.net/cve-2025-54347/