CVE-2025-2395

Summary

CVE-2025-2395 is a newly identified vulnerability affecting the U-Office Force solution from e-Excellence. This issue involves an Improper Authentication flaw that permits unauthenticated remote attackers to manipulate specific APIs and subsequently alter cookies. By doing so, they can successfully log in as administrators, gaining unauthorized access to the system. This vulnerability poses a significant risk, as it enables attackers to bypass the authentication process and potentially take control of the affected U-Office Force installation. Organizations using this solution are urged to apply the necessary patches or updates as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.