CVE-2025-10639

HIGH

WorkExaminer Professional - RCE

Title source: llm

Description

The WorkExaminer Professional server installation comes with an FTP server that is used to receive the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to login to the FTP server and modify or read data, log files and gain remote code execution as NT Authority\SYSTEM on the server by exchanging accessible service binaries in the WorkExaminer installation directory (e.g. "C:\Program File (x86)\Work Examiner Professional Server").

References (2)

[Mailing List] http://seclists.org/fulldisclosure/2025/Oct/19

[Various Sources] https://r.sec-consult.com/workexaminer

Scores

CVSS v3 8.8

EPSS 0.0031

EPSS Percentile 53.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-798

Status published

Products (1)

EfficientLab/WorkExaminer Professional <= 4.0.0.52001

Published Oct 21, 2025

Tracked Since Feb 18, 2026