CVE-2025-5997
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-28
Last updated on: 2025-07-29
Assigner: Computer Emergency Response Team of the Republic of Turkey
Description
Description
Incorrect Use of Privileged APIs vulnerability in Beamsec PhishPro allows Privilege Abuse.This issue affects PhishPro: before 7.5.4.2.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| beamsec | phishpro | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-648 | The product does not conform to the API requirements for a function call that requires extra privileges. This could allow attackers to gain privileges by causing the function to be called incorrectly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Incorrect Use of Privileged APIs in Beamsec PhishPro, which allows privilege abuse. It affects versions of PhishPro before 7.5.4.2.
How can this vulnerability impact me? :
The vulnerability can lead to privilege abuse, potentially allowing an attacker to gain elevated access and cause high impact on confidentiality, integrity, and availability of the system.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70