Summary
Successful exploitation of this vulnerability could allow an attacker to perform unauthorized actions on the file system.
The following versions of iba Systems ibaPDA are affected:
- ibaPDA (CVE-2025-14988)
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 9.8 | iba Systems | iba Systems ibaPDA | Incorrect Permission Assignment for Critical Resource |
Background
- Critical Infrastructure Sectors: Critical Manufacturing
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: Germany
Vulnerabilities
CVE-2025-14988
A security issue has been identified in ibaPDA that could allow unauthorized actions on the file system under certain conditions. This may impact the confidentiality, integrity, or availability of the system.
Affected Products
iba Systems ibaPDA
iba Systems
iba Systems ibaPDA: 8.12.0
known_affected
Remediations
Vendor fix
iba Systems recommends users update to ibaPDA v8.12.1 or a later version.
Mitigation
If Installing the update is not possible, iba Systems recommends users:
Mitigation
Enable User Management:To activate user management, navigate to User Management settings under the Configure option. Set a password for the admin user to enable user management.
Vendor fix
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: