CVE-2025-1091

Summary

CVE-2025-1091 represents a security vulnerability involving broken authorization. This issue allows any authenticated user to access and download IOA scripts and configuration files, even if they should not have the necessary permissions. This can lead to potential misconfigurations, unintended access, or other security risks. Attackers who are able to exploit this vulnerability could gain unauthorized access to sensitive information, potentially causing significant damage to the affected system or network. It is recommended that affected organizations apply the necessary patches or mitigations to prevent unauthorized access to these files.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.