CVE-2025-54964
Published: 23 October 2025
Description
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside a network.
Security Summary
CVE-2025-54964 is a command injection vulnerability (CWE-77) discovered in BAE SOCET GXP versions prior to 4.6.0.2, specifically affecting the GXP Job Service component. Published on 2025-10-23, it carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating high confidentiality, integrity, and availability impacts from a low-complexity local attack requiring no privileges or user interaction.
An attacker with the ability to interact with the GXP Job Service can inject arbitrary executables. In configurations limited to local-only access, this may enable privilege escalation under certain conditions. If the Job Service is network accessible, exploitation can result in remote command execution.
Vendor advisories for BAE SOCET GXP, available at https://www.geospatialexploitationproducts.com/content/socet-gxp/vulnerabilities-disclosure/#cve-2025-54964 and https://www.baesystems.com/en-us/product/geospatial-exploitation-products, address the issue in version 4.6.0.2, recommending upgrade to mitigate the vulnerability.
Details
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables local privilege escalation via command injection (T1068) and remote command execution if the Job Service is network-accessible (T1210).