Auth bypass in Videx Inc. Cyberaudit-web
CVE-2025-22375
An authentication bypass vulnerability was found in Videx's CyberAudit-Web. Through the exploitation of a logic flaw, an attacker could create a valid session without any credentials. This vulnerability has been patched in versions later t…
Vulnerability class: Broken Authentication
EPSS: 0.004 (35.0th percentile) — read the EPSS interpretation.
Affected products
- Videx Inc. Cyberaudit-web — versions <= 9.5
Weakness classification (CWE)
Public proof-of-concept exploits
References
- csirt@divd.nl (third-party-advisory)
- csirt@divd.nl (third-party-advisory)
Frequently asked questions
- What is CVE-2025-22375?
- CVE-2025-22375 is a vulnerability in Videx Inc. Cyberaudit-web, classified under Improper Authentication. Published 2025-04-10.
- Is CVE-2025-22375 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.