Platform
windows
Component
safepc-enterprise
Fixed in
V7.0.1
5.0.1
CVE-2025-11020 describes a Remote Code Execution (RCE) vulnerability in MarkAny SafePC Enterprise. It chains three weaknesses: a Path Traversal flaw, which the attacker uses to reach a SQL Injection point, and an Unrestricted Upload of File with Dangerous Type that lets arbitrary files be placed on the server. The affected release is SafePC Enterprise 7.0.0.0, on both Windows and Linux. A fix is available in version 7.0.1.
The impact of CVE-2025-11020 is significant because the chain ends in Remote Code Execution. An attacker first uses the Path Traversal flaw to reach server-side resources that should not be exposed, then uses SQL Injection to read or modify database contents, for example to extract credentials or alter critical records. The unrestricted upload then lets them place a dangerous file type, such as a web shell, where the server will execute it, giving full control of the host. The consequences are data breach, system compromise and disruption of the service SafePC Enterprise provides. Because each step feeds the next, the combination is a high-risk scenario for any organization running the affected version.
CVE-2025-11020 was published on 2025-10-02. The combination of Path Traversal, SQL Injection and file upload gives the attacker several independent entry points to probe. Public proof-of-concept (POC) code is not currently available. EPSS currently rates the CVE at 0.04% (12th percentile), a low score consistent with the lack of public exploit details; given that the chain ends in RCE on an endpoint-security product, it remains a plausible target once details become public.
Exploit Status
EPSS: 0.04% (12th percentile)
The primary mitigation for CVE-2025-11020 is to upgrade SafePC Enterprise to version 7.0.1 or later. If upgrading immediately is not feasible, apply temporary workarounds that break the chain at each stage. Restrict upload locations to a directory outside the web root and restrict file types to a strict allowlist, so that a dangerous type cannot be written somewhere it would be executed. Validate and reject, rather than sanitise, client-supplied filenames and other inputs, and use parameterized queries so that user data never becomes part of SQL text. Consider a Web Application Firewall (WAF) to block requests carrying traversal sequences such as ../ or encoded variants. After upgrading, confirm the fix by re-sending the traversal input that was previously accepted and verifying that the server now rejects it.
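The workarounds above are easier to reason about with a concrete shape. The following is an added example, not SafePC Enterprise code and not from the vendor: a small upload handler that rejects traversal attempts, enforces an extension allowlist, keeps the resolved path under the storage root as a second check, and records the upload with a parameterized query. The injectable form is kept beside the safe one so the difference is visible on the same input. The upload root, table layout and allowed extensions are assumptions chosen for the demonstration.

```python
"""Hardened upload handling sketch (added example, not SafePC code):
traversal-safe path resolution, an extension allowlist and parameterized SQL."""
import sqlite3
import tempfile
from pathlib import Path

# Assumed storage root: a directory outside the web root, so nothing uploaded
# is served or executed directly by the application server.
UPLOAD_ROOT = Path(tempfile.gettempdir()) / "safepc_uploads_demo"  # assumption
ALLOWED_EXTENSIONS = {".pdf", ".docx", ".txt"}                     # assumption


class UploadRejected(ValueError):
    """Raised when a client-supplied filename fails validation."""


def safe_upload_path(root: Path, user_filename: str) -> Path:
    """Return the on-disk path for user_filename, or raise UploadRejected.

    Rejects rather than sanitises: any separator, '..' segment, NUL byte,
    missing or doubled extension is an error. The resolved path must still
    sit directly under root, as defence in depth against anything the
    string checks miss.
    """
    if not user_filename or "\x00" in user_filename:
        raise UploadRejected("empty filename or NUL byte")
    if "/" in user_filename or "\\" in user_filename:
        raise UploadRejected("directory separators are not allowed")
    if ".." in user_filename or user_filename == ".":
        raise UploadRejected("dot segments are not allowed")
    suffixes = Path(user_filename).suffixes
    if len(suffixes) != 1 or suffixes[0].lower() not in ALLOWED_EXTENSIONS:
        raise UploadRejected(f"extension not allowed: {user_filename!r}")
    root_resolved = root.resolve()
    candidate = (root_resolved / user_filename).resolve()
    if candidate.parent != root_resolved:
        raise UploadRejected("path escapes the upload root")
    return candidate


def filename_accepted(root: Path, user_filename: str) -> bool:
    """Boolean wrapper around safe_upload_path for quick checks."""
    try:
        safe_upload_path(root, user_filename)
        return True
    except UploadRejected:
        return False


def open_db() -> sqlite3.Connection:
    """In-memory table standing in for an upload registry (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE uploads (id INTEGER PRIMARY KEY, owner TEXT NOT NULL, "
        "stored_name TEXT NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO uploads (owner, stored_name) VALUES (?, ?)",
        [("alice", "q3-report.pdf"), ("bob", "notes.txt")],
    )
    return conn


def uploads_for_owner_unsafe(conn: sqlite3.Connection, owner: str) -> list:
    """The pattern to remove: the owner value is spliced into the SQL text."""
    sql = f"SELECT stored_name FROM uploads WHERE owner = '{owner}'"
    return [row[0] for row in conn.execute(sql)]


def uploads_for_owner(conn: sqlite3.Connection, owner: str) -> list:
    """Parameterized form: the driver passes owner as data, never as SQL."""
    sql = "SELECT stored_name FROM uploads WHERE owner = ?"
    return [row[0] for row in conn.execute(sql, (owner,))]


def handle_upload(conn: sqlite3.Connection, root: Path, owner: str,
                  user_filename: str, data: bytes) -> Path:
    """Validate the name, store the bytes under root, register the upload."""
    dest = safe_upload_path(root, user_filename)
    root.mkdir(parents=True, exist_ok=True)
    dest.write_bytes(data)
    conn.execute("INSERT INTO uploads (owner, stored_name) VALUES (?, ?)",
                 (owner, dest.name))
    return dest


if __name__ == "__main__":
    db = open_db()
    print(handle_upload(db, UPLOAD_ROOT, "carol", "scan.pdf", b"%PDF-1.4 demo"))
    for bad in ("../../etc/passwd", "..\\..\\web.config", "shell.php.pdf", "x.exe"):
        print(f"{bad!r} accepted: {filename_accepted(UPLOAD_ROOT, bad)}")
    payload = "x' OR '1'='1"
    print(uploads_for_owner_unsafe(db, payload))  # every row: injection works
    print(uploads_for_owner(db, payload))         # []: payload treated as a literal
```

The rejection checks deliberately refuse names like shell.php.pdf rather than stripping the extra extension, because a sanitiser that rewrites input tends to disagree with whatever the web server or OS does with the same name. The final parent check is cheap and catches cases the string checks were not written for.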
Update MarkAny SafePC Enterprise to version 7.0.1 or later. This corrects the Path Traversal, SQL Injection and Unrestricted Upload of File with Dangerous Type vulnerabilities. Consult the vendor's website for detailed upgrade instructions.
CVE-2025-11020 is a Remote Code Execution vulnerability in SafePC Enterprise 7.0.0.0 that lets an attacker chain Path Traversal and SQL Injection with an unrestricted file upload to place and execute malicious files on the server.
If you are running SafePC Enterprise 7.0.0.0, the affected version listed for this CVE, you are potentially affected. Upgrade to version 7.0.1 to remove the risk.
The recommended fix is to upgrade SafePC Enterprise to version 7.0.1 or later. If immediate upgrade is not possible, implement temporary workarounds like restricting file uploads and validating inputs.
While no active exploitation has been publicly confirmed, the vulnerability's severity and potential impact suggest it could become a target for attackers.
Please refer to the SafePC Enterprise official website or security advisory channels for the latest information and updates regarding CVE-2025-11020.