CVE Catalog

CVE-2025-51627

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.23%

14th percentile - higher than 14% of all known CVEs

Summary

Incorrect access control in CaricaVerbale in Agenzia Impresa Eccobook v2.81.1 allows authenticated attackers with low-level access to escalate privileges to Administrator.

Risk Assessment

The risk is that an attacker with basic privileges can gain full control over the system, potentially leading to unauthorized access to sensitive data and disruption of operations.

Recommendation

It is recommended to immediately update to the latest software version and implement access control fixes in the CaricaVerbale component.

Original NVD description (English source)

Incorrect access control in CaricaVerbale in Agenzia Impresa Eccobook v2.81.1 allows authenticated attackers with low-level access to escalate privileges to Administrator.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS