CVE-2025-63225

CriticalPublic PoC

Published: 18 November 2025

Published

18 November 2025

Modified

04 February 2026

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0041 61.4th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

The Eurolab ELTS100_UBX device (firmware version ELTS100v1.UBX) is vulnerable to Broken Access Control due to missing authentication on critical administrative endpoints. Attackers can directly access and modify sensitive system and network configurations, upload firmware, and execute unauthorized actions without any…

form of authentication. This vulnerability allows remote attackers to fully compromise the device, control its functionality, and disrupt its operation.

Mitigating Controls (NIST 800-53 r5)AI

AC-14 Permitted Actions Without Identification or Authentication good match

prevent

Directly restricts and documents permitted actions without identification or authentication, ensuring critical administrative endpoints require credentials to prevent unauthorized access.

AC-3 Access Enforcement good match

prevent

Enforces approved authorizations for access to system resources including administrative endpoints, comprehensively addressing the missing access enforcement on sensitive functions.

IA-9 Service Identification and Authentication good match

prevent

Mandates identification and authentication for services and non-organizational users before establishing network connections to device endpoints, blocking unauthenticated remote exploitation.

Security SummaryAI

CVE-2025-63225, published on 2025-11-18, is a Broken Access Control vulnerability (CWE-284) in the Eurolab ELTS100_UBX device running firmware version ELTS100v1.UBX. It arises from missing authentication on critical administrative endpoints, enabling direct access to sensitive functions without any credentials. The issue has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its high impact on confidentiality, integrity, and availability.

Remote attackers require only network access to exploit this vulnerability, with no privileges, user interaction, or complex conditions needed. Successful exploitation allows attackers to modify sensitive system and network configurations, upload new firmware, and execute unauthorized actions. This grants full compromise of the device, enabling control over its functionality and potential disruption of operations.

Vendor advisories and vulnerability research are available at http://eurolab-srl.com/ and https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63225_Eurolab_ELTS100_UBX_Broken_Access_Control, which may provide further details on patches or mitigation steps.

Details

CWE(s): CWE-284

Affected Products

eurolab-srl

elts 100 firmware

elts100v1.ubx

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

The vulnerability involves missing authentication on public-facing administrative endpoints, directly enabling exploitation of a public-facing application for initial access and full device compromise.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

http://eurolab-srl.com/
Product · cve@mitre.org
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63225_Eurolab_ELTS100_UBX_Broken_Access_Control
Exploit, Third Party Advisory, Mitigation · cve@mitre.org