Vulnerability in Progress Software Corporation Openedge

CVE-2025-7389

A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server through the adopted authority of the AdminServer process itself. The delegated authority of t…

EPSS: 0.001 (17.6th percentile) — read the EPSS interpretation.

Affected products

Progress Software Corporation Openedge — versions OpenEdge 12.2.0, OpenEdge 12.8.0

Weakness classification (CWE)

CWE-552 — Files or Directories Accessible to External Parties

References

community.progress.com/s/article/Important-Arbitrary-File-Ready-Security-Update…