CVE-2025-0836 (GCVE-0-2025-0836)
Vulnerability from cvelistv5
Published
2025-12-16 11:02
Modified
2025-12-16 14:51
Severity
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
VLAI Severity
EPSS score
CWE
- CWE-862 - Missing Authorization
Summary
Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to the Management Server to gain full read/write access to the MIP Webhooks API.
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Milestone Systems | XProtect VMS | 23.1 < 23.1.157.1.1470; 23.2 < 23.2.21.1.398; 23.3 < 23.3.72.1.466; 24.1 < 24.1.12292.2279; 24.2 < 24.2.14561.2270; 25.1 < 25.1.15990.2272 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0836",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-16T14:51:28.827951Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T14:51:38.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"webhooks"
],
"platforms": [
"Windows"
],
"product": "XProtect VMS",
"vendor": "Milestone Systems",
"versions": [
{
"lessThan": "23.1.157.1.1470",
"status": "affected",
"version": "23.1",
"versionType": "custom"
},
{
"lessThan": "23.2.21.1.398",
"status": "affected",
"version": "23.2",
"versionType": "custom"
},
{
"lessThan": "23.3.72.1.466",
"status": "affected",
"version": "23.3",
"versionType": "custom"
},
{
"lessThan": "24.1.12292.2279",
"status": "affected",
"version": "24.1",
"versionType": "custom"
},
{
"lessThan": "24.2.14561.2270",
"status": "affected",
"version": "24.2",
"versionType": "custom"
},
{
"lessThan": "25.1.15990.2272",
"status": "affected",
"version": "25.1",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API."
}
],
"value": "Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T13:14:09.646Z",
"orgId": "cf45122d-9d50-442a-9b23-e05cde9943d8",
"shortName": "Milestone"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportcommunity.milestonesys.com/s/article/CVE-2025-0836-XProtect-MIP-API-broken-access-control?language=en_US"
},
{
"tags": [
"patch"
],
"url": "https://supportcommunity.milestonesys.com/s/article/XProtect-VMS-cumulative-patches-complete-list?language=en_US"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "To mitigate the issue, we highly recommend upgrading to the latest version of XProtect VMS, or at least to version 2025 R2 or later. The other option (for versions 2023 R1 \u2013 2025 R1) is to use the provided cumulative patches (Knowledee Base article no. 34370 XProtect VMS cumulative patches). If, for any reason it is not possible, we recommend auditing your role security settings and considering everyone with read-only access to the Management Server as having a full access to Webhooks configuration."
}
],
"value": "To mitigate the issue, we highly recommend upgrading to the latest version of XProtect VMS, or at least to version 2025 R2 or later. The other option (for versions 2023 R1 \u2013 2025 R1) is to use the provided cumulative patches (Knowledee Base article no. 34370 XProtect VMS cumulative patches). If, for any reason it is not possible, we recommend auditing your role security settings and considering everyone with read-only access to the Management Server as having a full access to Webhooks configuration."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "XProtect MIP API Missing Authorization",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cf45122d-9d50-442a-9b23-e05cde9943d8",
"assignerShortName": "Milestone",
"cveId": "CVE-2025-0836",
"datePublished": "2025-12-16T11:02:25.199Z",
"dateReserved": "2025-01-29T13:24:34.734Z",
"dateUpdated": "2025-12-16T14:51:38.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-0836\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-16T14:51:28.827951Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-16T14:51:33.939Z\"}}], \"cna\": {\"title\": \"XProtect MIP API Missing Authorization\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-180\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 5.3, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"LOW\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", 
\"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Milestone Systems\", \"modules\": [\"webhooks\"], \"product\": \"XProtect VMS\", \"versions\": [{\"status\": \"affected\", \"version\": \"23.1\", \"lessThan\": \"23.1.157.1.1470\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"23.2\", \"lessThan\": \"23.2.21.1.398\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"23.3\", \"lessThan\": \"23.3.72.1.466\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"24.1\", \"lessThan\": \"24.1.12292.2279\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"24.2\", \"lessThan\": \"24.2.14561.2270\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"25.1\", \"lessThan\": \"25.1.15990.2272\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"To mitigate the issue, we highly recommend upgrading to the latest version of XProtect VMS, or at least to version 2025 R2 or later. The other option (for versions 2023 R1 \\u2013 2025 R1) is to use the provided cumulative patches (Knowledee Base article no. 34370 XProtect VMS cumulative patches). If, for any reason it is not possible, we recommend auditing your role security settings and considering everyone with read-only access to the Management Server as having a full access to Webhooks configuration.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"To mitigate the issue, we highly recommend upgrading to the latest version of XProtect VMS, or at least to version 2025 R2 or later. The other option (for versions 2023 R1 \\u2013 2025 R1) is to use the provided cumulative patches (Knowledee Base article no. 
34370 XProtect VMS cumulative patches). If, for any reason it is not possible, we recommend auditing your role security settings and considering everyone with read-only access to the Management Server as having a full access to Webhooks configuration.\", \"base64\": false}]}], \"references\": [{\"url\": \"https://supportcommunity.milestonesys.com/s/article/CVE-2025-0836-XProtect-MIP-API-broken-access-control?language=en_US\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://supportcommunity.milestonesys.com/s/article/XProtect-VMS-cumulative-patches-complete-list?language=en_US\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.5.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-862\", \"description\": \"CWE-862 Missing Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"cf45122d-9d50-442a-9b23-e05cde9943d8\", \"shortName\": \"Milestone\", \"dateUpdated\": \"2025-12-16T13:14:09.646Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-0836\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-16T14:51:38.048Z\", \"dateReserved\": \"2025-01-29T13:24:34.734Z\", \"assignerOrgId\": \"cf45122d-9d50-442a-9b23-e05cde9943d8\", \"datePublished\": \"2025-12-16T11:02:25.199Z\", \"assignerShortName\": \"Milestone\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.