Auth bypass in Logsign Unified Secops Platform
CVE-2025-1044
Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploi…
Vulnerability class: Broken Authentication
EPSS: 0.005 (64.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Logsign Unified Secops Platform — versions 6.4.27
Weakness classification (CWE)
References
- ZDI-25-085 (x_research-advisory)
- vendor-provided URL (vendor-advisory)
Frequently asked questions
- What is CVE-2025-1044?
- CVE-2025-1044 is a critical-severity vulnerability in Logsign Unified Secops Platform, classified under Improper Authentication. CVSS score: 9.8/10. Published 2025-02-11.
- How severe is CVE-2025-1044?
- Critical severity. CVSS v3 base score is 9.8 out of 10.