Cyber Posture

CVE-2025-59171

High

Published: 06 November 2025

Modified: 19 November 2025
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.0015 (35.8th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

Adversaries may perform Endpoint Denial of Service (DoS) attacks to degrade or block the availability of services to users.

Security Summary

CVE-2025-59171 is a path traversal vulnerability (CWE-22) stemming from insufficient sanitization of uploaded configuration files, enabling directory traversal and subsequent remote code execution with system-level permissions. Published on 2025-11-06, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact over the network with low attack complexity and no privileges required. The vulnerability affects industrial control systems (ICS) components as detailed in CISA advisory ICSA-25-310-01.

An unauthenticated remote attacker can exploit this vulnerability by uploading a specially crafted configuration file, traversing directories to access unauthorized paths, and achieving remote code execution at the system level. Successful exploitation grants high-level access, potentially allowing data exfiltration given the elevated confidentiality impact, though integrity and availability remain unaffected per the CVSS vector.

Mitigation details are outlined in the CISA ICS advisory at https://www.cisa.gov/news-events/ics-advisories/icsa-25-310-01 and the associated CSAF document at https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-310-01.json, with Advantech recommending users contact support via https://www.advantech.com/emt/contact for patches and remediation guidance.
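The summary above describes the CWE-22 pattern behind this CVE: a file name taken from an uploaded configuration file is joined onto a server-side directory without validation, so ".." segments walk out of that directory. The block below is an added illustration of that pattern and of the two defensive controls a practitioner would apply (strict name validation plus a post-resolution containment check), together with a small detector that flags traversal attempts in upload logs. It is not Advantech's code: the upload root, the file-name rules and the log line format are constructed placeholders.

```python
import re
import posixpath
import urllib.parse

# Constructed placeholder; not a real DeviceOn/iEdge path.
UPLOAD_ROOT = "/srv/app/uploads/configs"

# Allowlist for uploaded config names: letter/digit/underscore first,
# then a short run of safe characters. No separators, no leading dot.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_][A-Za-z0-9_.-]{0,63}$")


def unsafe_target(filename: str, root: str = UPLOAD_ROOT) -> str:
    """The CWE-22 pattern: the client-supplied name is joined to the
    upload root and normalised, but never checked, so '../' segments
    resolve to a location outside the root."""
    return posixpath.normpath(posixpath.join(root, filename))


def escapes_root(path: str, root: str = UPLOAD_ROOT) -> bool:
    """True when a normalised path is not the root itself or below it."""
    root = posixpath.normpath(root)
    return not (path == root or path.startswith(root + "/"))


def safe_target(filename: str, root: str = UPLOAD_ROOT) -> str:
    """Hardened variant: reject NUL bytes, require the name to match the
    allowlist, then re-check containment after normalisation. The second
    check is defence in depth; it catches any future loosening of the
    allowlist."""
    if "\x00" in filename:
        raise ValueError("NUL byte in filename")
    if not SAFE_NAME.match(filename):
        raise ValueError(f"filename rejected by allowlist: {filename!r}")
    target = posixpath.normpath(posixpath.join(root, filename))
    if escapes_root(target, root):
        raise ValueError(f"resolved path escapes upload root: {target}")
    return target


def looks_like_traversal(filename: str) -> bool:
    """Detection helper: decode percent-encoding twice (to catch double
    encoding), treat backslashes as separators, then flag absolute
    paths or any '..' path segment."""
    decoded = filename
    for _ in range(2):
        decoded = urllib.parse.unquote(decoded)
    decoded = decoded.replace("\\", "/")
    if decoded.startswith("/"):
        return True
    return any(seg == ".." for seg in decoded.split("/"))


# Constructed upload log lines in a hypothetical "name=<value>" format.
SAMPLE_LOG = [
    "2025-11-06T10:01:02Z upload src=10.0.0.5 name=site.json",
    "2025-11-06T10:01:09Z upload src=10.0.0.9 name=../../etc/passwd",
    "2025-11-06T10:01:15Z upload src=10.0.0.9 name=%2e%2e%2f%2e%2e%2fetc%2fshadow",
    "2025-11-06T10:02:40Z upload src=10.0.0.7 name=backup-2025.json",
    "2025-11-06T10:03:01Z upload src=10.0.0.9 name=..%255cwindows%255cwin.ini",
]

NAME_FIELD = re.compile(r"name=(\S+)")


def flag_upload_log(lines):
    """Return (source, raw name) pairs for log lines whose uploaded
    file name looks like a traversal attempt."""
    flagged = []
    for line in lines:
        m = NAME_FIELD.search(line)
        if not m:
            continue
        name = m.group(1)
        src = re.search(r"src=(\S+)", line)
        if looks_like_traversal(name):
            flagged.append((src.group(1) if src else "?", name))
    return flagged


if __name__ == "__main__":
    print("unsafe:", unsafe_target("../../etc/passwd"))
    print("safe:  ", safe_target("site.json"))
    for src, name in flag_upload_log(SAMPLE_LOG):
        print(f"traversal attempt from {src}: {name}")
```

Two design points worth noting. First, the allowlist is the primary control and the containment check is a backstop; relying on normalisation alone is what produces CWE-22, because `normpath` happily resolves `..` out of the root. Second, the detector decodes twice before looking for `..`, since single-decoding middleware is a common reason an encoded traversal is logged as a harmless-looking name.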

Details

CWE(s)
CWE-22

Affected Products

advantech
deviceon/iedge
≤ 2.0.2

AI Security Analysis

AI Category
Mobile/Edge AI
Risk Domain
Privacy and Disclosure
OWASP Top 10 for LLMs 2025
None mapped
MITRE ATLAS Techniques
None mapped
Classification Reason
Advantech DeviceOn/iEdge is an IoT/edge management platform supporting edge AI deployments; it is affected by a path traversal vulnerability (CVE-2025-59171) in a device dependency that allows arbitrary file reads or authentication bypass.

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1083 File and Directory Discovery (tactic: Discovery)
Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system.
T1190 Exploit Public-Facing Application (tactic: Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1210 Exploitation of Remote Services (tactic: Lateral Movement)
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
T1499 Endpoint Denial of Service (tactic: Impact)
Adversaries may perform Endpoint Denial of Service (DoS) attacks to degrade or block the availability of services to users.
Why these techniques?

Path traversal flaws enable arbitrary file reads (T1083), exploitation of public-facing web applications (T1190) and remote services (T1210) leading to RCE with system privileges (T1068), and denial-of-service conditions (T1499).

References