CVE-2025-63665

Critical

Published: 19 December 2025

Published

19 December 2025

Modified

05 January 2026

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0015 35.2th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

An issue in GT Edge AI Community Edition Versions before v2.0.12 allows attackers to execute arbitrary code via injecting a crafted JSON payload into the Prompt window.

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly mitigates the CVE by requiring timely remediation of the specific code injection flaw through software upgrade to v2.0.12 or later.

SI-10 Information Input Validation good match

prevent

Prevents attackers from executing arbitrary code by enforcing validation and error handling on crafted JSON payloads injected into the Prompt window.

SI-16 Memory Protection partial match

prevent

Provides defense-in-depth by protecting system memory from unauthorized code execution even if a crafted JSON payload bypasses input validation.

Security SummaryAI

CVE-2025-63665 is a code injection vulnerability (CWE-94) affecting GT Edge AI Community Edition versions before v2.0.12. It enables attackers to execute arbitrary code by injecting a crafted JSON payload into the Prompt window. The issue carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical due to its network accessibility, low attack complexity, lack of required privileges or user interaction, and severe impacts across confidentiality, integrity, and availability.

Remote, unauthenticated attackers can exploit this vulnerability over the network without user interaction. By crafting and submitting a malicious JSON payload to the Prompt window, they achieve arbitrary code execution on the targeted system, potentially leading to full compromise.

Advisories from researcher p80n-sec detail the vulnerability, including proof-of-concept information. Mitigation requires upgrading to GT Edge AI Community Edition v2.0.12 or later, as earlier versions remain susceptible. Further technical details and reproduction steps are available at https://gist.github.com/p80n-sec/e5eefcef155e9dd14aaaaa49f9f94cd1 and https://github.com/p80n-sec/Vulnerability-Research/blob/main/CVE-2025-63665/CVE-2025-63665.md.

Details

CWE(s): CWE-94

Affected Products

gtedge

gt edge ai

≤ 2.0.12

AI Security AnalysisAI

AI Category: Mobile/Edge AI
Risk Domain: LLM/Generative AI Risks
OWASP Top 10 for LLMs 2025: None mapped
MITRE ATLAS Techniques: None mapped
Classification Reason: GT Edge AI Platform is explicitly an edge AI platform, matching the Mobile/Edge AI category.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

The vulnerability enables arbitrary code execution via crafted JSON payload injection into the Prompt window of the GT Edge AI Platform, consistent with exploitation of a public-facing application.

References

https://gist.github.com/p80n-sec/e5eefcef155e9dd14aaaaa49f9f94cd1
Third Party Advisory · cve@mitre.org
https://github.com/p80n-sec/Vulnerability-Research/blob/main/CVE-2025-63665/CVE-2025-63665.md
Third Party Advisory · cve@mitre.org