Platform: other
Component: sparx-enterprise-architect
Fixed in: 16.1.1628
CVE-2025-15621 describes a critical vulnerability in Sparx Enterprise Architect, affecting versions from 16.1.1627 through 17.1.1714. This vulnerability stems from insufficient protection of OAuth2 credentials during OpenID authentication, potentially allowing attackers to gain unauthorized access. A fix is expected from the vendor, and users are advised to monitor for updates. The CVSS severity is pending evaluation.
The core of this vulnerability lies in the lack of validation of the recipient of OAuth2 credentials during the OpenID authentication process. An attacker could potentially intercept or spoof these credentials, impersonating a legitimate user and gaining access to sensitive data within Sparx Enterprise Architect. This could include project models, diagrams, and associated documentation. Successful exploitation could lead to data breaches, unauthorized modifications to critical project assets, and even complete account takeover. The blast radius extends to any data stored and managed within Enterprise Architect, potentially impacting intellectual property and business-critical information.
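The advisory names the weakness but not Enterprise Architect's internals, so the following is an added illustration, not Sparx code: a client-side recipient check that refuses to release OAuth2 client credentials during an OpenID Connect code exchange unless the target is the provider's own published token endpoint over TLS. The discovery document, hostnames and function names are constructed for the example.

```python
# Added example (not from the advisory or from Sparx): a "recipient check" for
# the weakness class in CVE-2025-15621, where OAuth2 credentials are released
# during OpenID authentication without validating who receives them.
import json
from urllib.parse import urlparse

# Constructed OpenID Provider discovery document (sample values, not a real IdP).
DISCOVERY = json.loads("""{
  "issuer": "https://login.example.test",
  "authorization_endpoint": "https://login.example.test/oauth2/authorize",
  "token_endpoint": "https://login.example.test/oauth2/token"
}""")


def recipient_allowed(target_url: str, discovery: dict = DISCOVERY) -> bool:
    """True only if client credentials may be sent to target_url.

    Rules: TLS only; host and port must match the issuer's; and the URL must be
    the provider's published token endpoint, never an address learned from a
    redirect or an unverified response.
    """
    issuer = urlparse(discovery["issuer"])
    published = urlparse(discovery["token_endpoint"])
    target = urlparse(target_url)
    if target.scheme != "https":
        return False
    if (target.hostname, target.port) != (issuer.hostname, issuer.port):
        return False
    return (target.hostname, target.port, target.path) == (
        published.hostname, published.port, published.path)


def build_token_request(target_url: str, client_id: str, client_secret: str,
                        code: str, discovery: dict = DISCOVERY) -> dict:
    """Assemble the authorization-code token request, failing closed if the
    recipient is not validated. Credentials go in HTTP Basic auth (RFC 6749
    section 2.3.1) and redirects are disabled so a 3xx cannot move the secret."""
    if not recipient_allowed(target_url, discovery):
        raise PermissionError(f"refusing to send client credentials to {target_url}")
    return {
        "url": target_url,
        "data": {"grant_type": "authorization_code", "code": code,
                 "client_id": client_id},
        "auth": (client_id, client_secret),
        "allow_redirects": False,
    }
```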
CVE-2025-15621 was publicly disclosed on 2026-04-16. There are currently no publicly available proof-of-concept exploits. The vulnerability is not listed on the CISA KEV catalog. Due to the nature of the vulnerability (OAuth2 credential mishandling), it's plausible that threat actors are actively investigating it, and exploitation could occur in the future.
Exploit Status
EPSS: 0.02% (4th percentile)
CISA SSVC
Currently, there is no specific patched version available to directly address CVE-2025-15621. As a temporary mitigation, consider implementing stricter access controls within Sparx Enterprise Architect, limiting the number of users with elevated privileges. Review and audit OpenID authentication configurations to ensure they adhere to security best practices. Monitor network traffic for suspicious OAuth2 activity. Implement a Web Application Firewall (WAF) with rules to detect and block unauthorized OAuth2 requests. Regularly review Sparx Systems' security advisories for updates and patches.
Update to a patched version of Sparx Enterprise Architect. Refer to the Sparx Systems version history page for details on available versions and upgrade instructions: https://sparxsystems.com/products/ea/17.1/history.html.
CVE-2025-15621 is a vulnerability where Sparx Enterprise Architect doesn't properly validate OAuth2 credentials during OpenID authentication, potentially allowing unauthorized access.
If you are using Sparx Enterprise Architect versions 16.1.1627 through 17.1.1714 and have OpenID authentication enabled, you are potentially affected.
A patch is not yet available. Implement temporary mitigations like stricter access controls and WAF rules, and monitor Sparx Systems' advisories for updates.
There are currently no confirmed reports of active exploitation, but the vulnerability is being investigated.
Please refer to the Sparx Systems website and security advisories for the latest information and updates regarding CVE-2025-15621.