CVE-2025-11344

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ILIAS versions 8.23, 9.13, and 10.1

Description A flaw exists in ILIAS related to the Certificate Import Handler component. This issue allows for Remote Code Execution, potentially triggered remotely.

Recommendations Upgrade to version 8.24 Upgrade to version 9.14 Upgrade to version 10.2

Fix

RCE

Special Elements Injection

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-94

Related Identifiers

CVE-2025-11344

Affected Products

Ilias

CVE-2025-11344

Weakness Enumeration

Related Identifiers

Affected Products

References · 11