Platform
windows
Component
safepc-enterprise
Fixed in
V7.0.1
5.0.1
CVE-2025-11020 describes a Remote Code Execution (RCE) vulnerability within SafePC Enterprise. This vulnerability allows attackers to leverage Path Traversal to conduct SQL Injection and potentially exploit an Unrestricted Upload of File with Dangerous Type vulnerability. The vulnerability impacts SafePC Enterprise versions 7.0.0.0 through 7.0.0.0 on both Windows and Linux platforms. A fix is available in version 7.0.1.
The impact of CVE-2025-11020 is significant due to the potential for Remote Code Execution. An attacker exploiting this vulnerability could gain unauthorized access to the system, execute arbitrary commands, and potentially escalate privileges. The combination of Path Traversal and SQL Injection allows for a multi-stage attack, where an attacker first obtains server information via Path Traversal, then uses SQL Injection to manipulate data and ultimately upload malicious files. Successful exploitation could lead to data breaches, system takeover, and disruption of services. The unrestricted file upload component amplifies the risk, as attackers could upload web shells or other malicious payloads to gain persistent access.
CVE-2025-11020 was publicly disclosed on 2025-10-02. The vulnerability's severity is rated HIGH with a CVSS score of 8.8. Currently, there are no publicly available proof-of-concept exploits. It is not listed on the CISA KEV catalog at the time of writing. The combination of Path Traversal and SQL Injection suggests a potentially complex exploitation process, which may explain the lack of immediate public exploits.
Organizations utilizing SafePC Enterprise, particularly those with older versions (7.0.0.0) and those with lax file upload policies or inadequate input validation, are at significant risk. Shared hosting environments where multiple users share the same SafePC Enterprise instance are also particularly vulnerable, as a compromise of one user's account could lead to broader system compromise.
• windows / supply-chain:
Get-Process -Name SafePCEnterprise | Select-Object -ExpandProperty Path
• windows / supply-chain:
Get-ScheduledTask | Where-Object {$_.TaskName -like '*SafePCEnterprise*'}
• windows / supply-chain:
Get-WinEvent -LogName Application -FilterXPath "*[System[Provider[@Name='SafePCEnterprise']]]"
• linux / server:
journalctl -u SafePCEnterprise | grep -i "path traversal"
• linux / server:
lsof -i :8080 | grep SafePCEnterprise
disclosure
patch
Exploit status
EPSS
0.04% (12th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-11020 is to upgrade SafePC Enterprise to version 7.0.1 or later. If upgrading immediately is not possible, consider implementing temporary workarounds. Restrict file upload locations and types to prevent the upload of dangerous files. Implement strict input validation and sanitization to prevent SQL Injection attacks. Consider using a Web Application Firewall (WAF) to filter malicious traffic and block attempts to exploit the Path Traversal vulnerability. After upgrading, confirm the fix by attempting to trigger the Path Traversal and SQL Injection vulnerabilities and verifying that they are no longer exploitable.
Upgrade MarkAny SafePC Enterprise to version 7.0.1 or later. This fixes the Path Traversal, SQL Injection, and Unrestricted Upload of File with Dangerous Type vulnerabilities. See the vendor's website for detailed upgrade instructions.
CVE-2025-11020 is a Remote Code Execution vulnerability in SafePC Enterprise versions 7.0.0.0–7.0.0.0, allowing attackers to exploit Path Traversal and SQL Injection to potentially upload and execute malicious files.
If you are using SafePC Enterprise version 7.0.0.0 or earlier, you are potentially affected by this vulnerability. Upgrade to version 7.0.1 to mitigate the risk.
The recommended fix is to upgrade SafePC Enterprise to version 7.0.1 or later. If immediate upgrade is not possible, implement temporary workarounds like restricting file uploads and validating inputs.
While no active exploitation has been publicly confirmed, the vulnerability's severity and potential impact suggest it could become a target for attackers.
Please refer to the SafePC Enterprise official website or security advisory channels for the latest information and updates regarding CVE-2025-11020.