CVE-2025-27580

HIGH

NIH BRICS <14.0.0-67 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-27580. PoCs published by TrustStackSecurity.

AI-analyzed exploit summary This PoC demonstrates an unauthenticated account takeover vulnerability in NIH BRICS by generating predictable tokens using a fixed salt, username, and timestamp. The exploit leverages weak token generation to escalate privileges.

Description

NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 generates predictable tokens (that depend on username, time, and the fixed 7Dl9#dj- string) and thus allows unauthenticated users with a Common Access Card (CAC) to escalate privileges and compromise any account, including administrators.

Exploits (1)

nomisec WORKING POC
by TrustStackSecurity · poc
https://github.com/TrustStackSecurity/CVE-2025-27580

This PoC demonstrates an unauthenticated account takeover vulnerability in NIH BRICS by generating predictable tokens using a fixed salt, username, and timestamp. The exploit leverages weak token generation to escalate privileges.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: NIH BRICS through 14.0.0-67
No auth needed
Prerequisites: knowledge of target username · approximate timestamp
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Scores

CVSS v3 7.5
EPSS 0.0056
EPSS Percentile 42.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-335
Status published
Products (1)
NIH/BRICS < 14.0.0-67
Published Apr 24, 2025
Tracked Since Feb 18, 2026