CVE-2025-35114

Agiloft local privilege escalation via default credentials

CVSS 8.7 HIGHEPSS 0.3%CWE-1392

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 8.7EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

26 Aug 2025Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could be cracked offline. Users should upgrade to Agiloft Release 30.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected products

Agiloft · Agiloft

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-239-01.json https://wiki.agiloft.com/display/HELP/What%27s+New%3A+CVE+Resolution https://www.cve.org/CVERecord?id=CVE-2025-35114