PT-2025-38625 · Unknown · Libraesva Esg

Published 2025-09-19 · Updated 2025-09-29 · CVE-2025-59689

CVSS v3.1 6.1 · Vector AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Libraesva ESG 4.5 through 5.5.x before 5.5.7. Per maintained branch, the affected builds are:
Libraesva ESG 5.0.x before 5.0.31
Libraesva ESG 5.1.x before 5.1.20
Libraesva ESG 5.2.x before 5.2.31
Libraesva ESG 5.4.x before 5.4.8
Libraesva ESG 5.5.x before 5.5.7
Versions prior to 5.0 (from 4.5 onward) are also affected; no fixed build is listed for them.
Description Libraesva ESG is affected by a command injection flaw that is triggered when the appliance processes a specially crafted compressed email attachment. A successful attack executes arbitrary commands on the appliance as a non-privileged user. The root cause is improper sanitization in the component that handles compressed archive attachments: attacker-controlled content from the archive reaches a command line without being neutralized. At least one instance of exploitation by a hostile foreign state entity has been confirmed, and the attackers appear to have singled out specific ESG appliances, which points to a targeted campaign rather than mass exploitation. Approximately 200,000 users are estimated to be exposed, with significant adoption in education, finance and government. No API endpoint or request parameter has been identified: the trigger is the appliance's own processing of an inbound attachment, so the affected code path is not reachable through the management interface in the usual sense.
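As an added illustration of the bug class (this is not Libraesva ESG code; the page gives no detail on the actual code path), the constructed Python scanner below hands archive member names to an external tool, first with the injection and then in two hardened forms. The member name, the `printf` stand-in command and the allowlist regex are all assumptions chosen for the demonstration; it needs a POSIX `/bin/sh` and a `printf` binary.

```python
# Constructed illustration of command injection via unsanitized archive
# content. NOT Libraesva ESG code; the real affected code path is not public
# on this page. The "scanner" is a stand-in for any step that passes archive
# member names to an external tool. Requires POSIX /bin/sh and a printf binary.
import io
import re
import shlex
import subprocess
import zipfile

# Constructed sample input: an attacker-chosen member name carrying a shell
# metacharacter sequence. "; echo INJECTED" is the payload marker.
MALICIOUS_MEMBER = "report.pdf; echo INJECTED"


def build_sample_archive(member_name: str) -> bytes:
    """Build an in-memory zip whose single member has the given name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, b"not really a pdf")
    return buf.getvalue()


def vulnerable_scan(archive: bytes) -> list[str]:
    """BUG: member names are concatenated into a shell command string.
    Anything after ';' in the name runs as a second command."""
    lines = []
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for name in zf.namelist():
            cmd = "printf 'scanning %s\\n' " + name  # unquoted interpolation
            res = subprocess.run(cmd, shell=True, capture_output=True, text=True)
            lines.extend(res.stdout.splitlines())
    return lines


# Allowlist for member names (assumption for this demo): ASCII letters, digits,
# dot, underscore, dash; no whitespace, shell metacharacters or path separators.
# Reject rather than "clean" so nothing surprising slips through.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,254}")


def hardened_scan(archive: bytes) -> list[str]:
    """Fix in two layers: validate the name, and pass it as one argv element
    with no shell involved at all."""
    lines = []
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for name in zf.namelist():
            if not SAFE_NAME.fullmatch(name):
                lines.append("rejected member with unsafe name")
                continue
            res = subprocess.run(
                ["printf", "scanning %s\n", name],  # argv list: no word splitting
                capture_output=True, text=True, check=False,
            )
            lines.extend(res.stdout.splitlines())
    return lines


def quoted_shell_scan(archive: bytes) -> list[str]:
    """If a shell really is unavoidable, shlex.quote turns the whole name into
    one literal word; the payload is printed as text, never executed."""
    lines = []
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for name in zf.namelist():
            cmd = "printf 'scanning %s\\n' " + shlex.quote(name)
            res = subprocess.run(cmd, shell=True, capture_output=True, text=True)
            lines.extend(res.stdout.splitlines())
    return lines


if __name__ == "__main__":
    sample = build_sample_archive(MALICIOUS_MEMBER)
    print("vulnerable:", vulnerable_scan(sample))
    print("hardened:  ", hardened_scan(sample))
    print("quoted:    ", quoted_shell_scan(sample))
```

Running the block prints `INJECTED` as a separate line only for `vulnerable_scan`; the argv-list version rejects the name outright and the quoted version prints the payload as inert text. The argv form is the one to prefer: it removes the shell from the path entirely, so correctness does not depend on the quoting being right for every input.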
Recommendations Update to the fixed build for the branch in use: 5.0.x to 5.0.31, 5.1.x to 5.1.20, 5.2.x to 5.2.31, 5.4.x to 5.4.8, and 5.5.x to 5.5.7 or later. Versions prior to 5.0 have no fixed build listed; upgrade them to a supported branch. Because in-the-wild exploitation has been confirmed, patching alone is not sufficient for appliances that were exposed while vulnerable: review them for signs of compromise before treating them as clean.

Tags: Fix · RCE · Command Injection

Weakness Enumeration: (none listed)

Related Identifiers: CVE-2025-59689

Affected Products: Libraesva Esg