PT-2025-34815 · Agiloft · Agiloft
Matthew Galligan
·
Published
2025-08-26
·
Updated
2025-08-27
·
CVE-2025-35114
CVSS v3.1
7.5
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Fix
LPE
Weakness Enumeration
Related Identifiers
Affected Products
Agiloft
Matthew Galligan
·
Published
2025-08-26
·
Updated
2025-08-27
·
CVE-2025-35114
7.5
High
| Base vector | Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Agiloft versions prior to 30
Description:
Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could be cracked offline.
Recommendations:
Upgrade to Agiloft Release 30.
Fix
LPE