CVE-2025-0001

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Feb 17, 2025

CWE ID 36

Summary

CVE-2025-0001 is a newly disclosed vulnerability affecting Abacus ERP software. This issue allows authenticated attackers to read arbitrary files on vulnerable systems. Versions older than 2024.210.16036, 2023.205.15833, and 2022.105.15542 are reportedly susceptible. Successful exploitation could lead to the exposure of sensitive data, potentially causing significant damage to affected organizations. It is crucial for users to apply the available patches as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2FN0k1
https://www.cve.org/CVERecord?id=CVE-2025-0001
https://nvd.nist.gov/vuln/detail/CVE-2025-0001

Back to Vulnerability Database

CVE-2025-0001

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations