PT-2025-43554 · Bae Systems · Socet Gxp
Published: 2025-10-23 · Updated: 2025-11-18
CVE-2025-54963
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
BAE SOCET GXP versions prior to 4.6.0.2
Description
An attacker interacting with the GXP Job Service can submit a crafted job request to gain read access to files on the filesystem, using the permissions of the GXP Job Service process. The vulnerable component is the GXP Job Service: it does not sanitize the file path for directory traversal, which could allow an attacker to read sensitive files in certain setups.
Recommendations
Update to version 4.6.0.2 or later.
Fix
Out of bounds Read
Path traversal
Related Identifiers
Affected Products
Gxp Job Service
Socet Gxp