PT-2025-42879 · Unknown · Workexaminer Professional

Published: 2025-10-21 · Updated: 2025-10-26 · CVE-2025-10639

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: WorkExaminer Professional (affected versions not specified)

Description: The WorkExaminer Professional server installation includes an FTP server listening on TCP port 12304 to receive client logs. An attacker with network access to this port can leverage weak, hardcoded credentials to log in to the FTP server. Successful authentication allows the attacker to modify or read data and log files. Remote code execution as NT Authority\SYSTEM on the server is possible by exchanging accessible service binaries located in the WorkExaminer installation directory, such as "C:\Program Files (x86)\Work Examiner Professional Server".

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

CVE-2025-10639

Affected Products

Workexaminer Professional