CVE-2025-6240

Improper Input Validation vulnerability in Profisee on Windows (filesystem modules) allows Path Traversal after authentication to the Profisee system.This issue affects Profisee: from 2020R1 before 2024R2.

CVSS

No CVSS.

References

Link	Resource
https://profisee.com/security/vulnerabilities/detail/

Configurations

No configuration.

History

23 Jun 2025, 20:16

Type	Values Removed	Values Added
Summary		(es) La vulnerabilidad de validación de entrada incorrecta en Profisee en Windows (módulos del sistema de archivos) permite Path Traversal después de la autenticación en el sistema Profisee. Este problema afecta a Profisee: desde 2020R1 hasta 2024R2.

18 Jun 2025, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-18 15:15

Updated : 2025-06-23 20:16

NVD link : CVE-2025-6240

Mitre link : CVE-2025-6240

CVE.ORG link : CVE-2025-6240

JSON object : View

Products Affected

No product.

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2025-6240", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "c0ec9282-ea44-45d7-9b32-48d87cb37538", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.0, "Automatable": "NO", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:D/RE:M/U:Green", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "GREEN", "userInteraction": "ACTIVE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-06-18T15:15:28.187", "references": [{"url": "https://profisee.com/security/vulnerabilities/detail/", "source": "c0ec9282-ea44-45d7-9b32-48d87cb37538"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "c0ec9282-ea44-45d7-9b32-48d87cb37538", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Improper Input Validation vulnerability in Profisee on Windows (filesystem modules) allows Path Traversal after authentication to the Profisee system.This issue affects Profisee: from 2020R1 before 2024R2."}, {"lang": "es", "value": "La vulnerabilidad de validaci\u00f3n de entrada incorrecta en Profisee en Windows (m\u00f3dulos del sistema de archivos) permite Path Traversal despu\u00e9s de la autenticaci\u00f3n en el sistema Profisee. Este problema afecta a Profisee: desde 2020R1 hasta 2024R2."}], "lastModified": "2025-06-23T20:16:59.783", "sourceIdentifier": "c0ec9282-ea44-45d7-9b32-48d87cb37538"}