CVE-2025-54968
Published: 27 October 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-54968 is an improper access control vulnerability (CWE-284) in BAE SOCET GXP versions prior to 4.6.0.2, specifically affecting the SOCET GXP Job Service, which does not require authentication. The flaw has a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H): it is reachable over the network, has low attack complexity, needs only low privileges and no user interaction, and has high impact on confidentiality, integrity, and availability, which places it in the high severity band.
Attackers with low privileges can exploit this vulnerability over the network with no user interaction. In certain configurations, remote users may submit jobs directly, while local users can submit jobs that execute under the permissions of other users, potentially allowing privilege escalation, arbitrary code execution, or unauthorized access to system resources.
Advisories reference the BAE Systems Geospatial Exploitation Products page and a dedicated SOCET GXP vulnerabilities disclosure section at https://www.geospatialexploitationproducts.com/content/socet-gxp/vulnerabilities-disclosure/#cve-2025-54968, which detail the issue in versions before 4.6.0.2. Mitigation involves upgrading to SOCET GXP 4.6.0.2 or later to enforce proper authentication on the Job Service.
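The only fix the advisory offers is a version floor (4.6.0.2 or later), so the practical defender task is to find every SOCET GXP install below that floor. The helper below is an added example, not BAE Systems code and not part of the advisory; it assumes you already have each host's installed version as a dotted string (the advisory does not say where the product records its version, so the inventory here is constructed). It compares versions numerically, because a plain string comparison misclassifies a hypothetical 4.10.x build as older than 4.6.0.2.

```python
"""Affected-version check for CVE-2025-54968 (SOCET GXP Job Service).

Added example, not BAE Systems code. Assumes the installed version is
available as a dotted string such as "4.5.1.3"; how that string is obtained
(installer metadata, asset inventory, product About dialog) is site-specific
and is not taken from the advisory.
"""
from __future__ import annotations

import re
from typing import Dict, List, Tuple

# From the advisory: every version prior to 4.6.0.2 is affected.
FIXED_VERSION = "4.6.0.2"


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '4.6.0.2' into (4, 6, 0, 2) so components compare numerically.

    A text comparison gets this wrong: '4.10.0.0' < '4.6.0.2' as strings,
    yet 4.10 is the newer release. A leading 'v' and any trailing
    non-numeric suffix (e.g. '-hotfix') are ignored.
    """
    match = re.match(r"^\s*v?(\d+(?:\.\d+)*)", version)
    if not match:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def is_affected(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when installed < fixed, i.e. the Job Service still lacks authentication.

    Shorter version strings ('4.6') are padded with zeros so that
    '4.6' compares as 4.6.0.0, which is below the 4.6.0.2 fix.
    """
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b


def triage(inventory: Dict[str, str]) -> Dict[str, List[str]]:
    """Split a {host: version} inventory into hosts needing the 4.6.0.2 upgrade and hosts already on it."""
    result: Dict[str, List[str]] = {"affected": [], "patched": []}
    for host, version in inventory.items():
        bucket = "affected" if is_affected(version) else "patched"
        result[bucket].append(host)
    return result


if __name__ == "__main__":
    # Constructed sample inventory: hostnames and versions are made up for illustration.
    sample = {
        "gxp-ws-01": "4.5.2.1",   # below the fix
        "gxp-ws-02": "4.6.0.2",   # exactly the fixed release
        "gxp-ws-03": "4.10.0.0",  # hypothetical later release; string compare would get this wrong
        "gxp-ws-04": "4.6",       # short string, pads to 4.6.0.0, still below the fix
    }
    print(triage(sample))
```

Feed `triage` the real inventory and upgrade everything in the `affected` bucket; hosts that cannot be upgraded immediately are the ones whose Job Service network exposure deserves the most scrutiny, since the advisory notes that in some configurations remote users can submit jobs directly.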
Details
- CWE(s): CWE-284 (Improper Access Control)
- Affected Products: BAE Systems SOCET GXP, versions prior to 4.6.0.2 (fixed in 4.6.0.2)
- MITRE ATT&CK Enterprise Techniques: T1210 (Exploitation of Remote Services), T1068 (Exploitation for Privilege Escalation)
Why these techniques?
The improper access control in SOCET GXP Job Service allows network-based unauthorized job submission without authentication, enabling exploitation of remote services (T1210) for arbitrary code execution and potential privilege escalation (T1068).