Vulnerability in Efficientlab Workexaminer Professional

CVE-2025-10639

The WorkExaminer Professional server installation comes with an FTP server that is used to receive the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to login to the FTP serve…

EPSS: 0.009 (54.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2025-10639?
CVE-2025-10639 is a high-severity vulnerability in Efficientlab Workexaminer Professional, classified under Use of Hard-coded Credentials. CVSS score: 8.8/10. Published 2025-10-21.
How severe is CVE-2025-10639?
High severity. CVSS v3 base score is 8.8 out of 10.