CVE-2025-10548
BaseFortify
Publication date: 2025-09-23
Last updated on: 2025-11-03
Assigner: SEC Consult Vulnerability Lab
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| clevercontrol | employee_monitoring_software | 11.5.1041.6 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-295 | The product does not validate, or incorrectly validates, a certificate. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in CleverControl employee monitoring software (v11.5.1041.6) occurs because the installer does not validate TLS server certificates when downloading external components. It uses curl.exe with the --insecure option, allowing a man-in-the-middle attacker to intercept and deliver malicious files. These malicious files are then executed with SYSTEM privileges, potentially leading to full remote code execution with administrative rights.
How can this vulnerability impact me?
This vulnerability can allow an attacker to execute arbitrary code remotely with SYSTEM-level privileges on the affected system. This means the attacker could take full control of the system, install malware, steal data, or disrupt operations.
What immediate steps should I take to mitigate this vulnerability?
Since no patch is available and the vendor is unresponsive, immediate mitigation steps include: avoiding installation or reinstallation of the affected CleverControl version (v11.5.1041.6), restricting the installer's network access so it cannot download external components, and monitoring for curl.exe invocations that use the --insecure flag. Consider isolating affected systems and using endpoint protection to detect and block malicious executions.
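The monitoring step above can be turned into a concrete detection. The following is an added example, not code from BaseFortify, SEC Consult or CleverControl: it scans process-creation records for curl.exe launched with certificate validation disabled. The records are constructed to resemble Windows process-creation events (Image, ParentImage, CommandLine), the field names are assumptions rather than any product's schema, and the hostnames use the reserved .invalid domain. It recognises both the long form --insecure and the short flag -k, including -k bundled into a cluster such as -sSk, while not misreading -ok (which curl treats as -o with the file name "k"); the list of argument-taking short options is a partial one chosen for this example.

```python
"""Detect curl.exe invocations that disable TLS certificate validation (CWE-295).

Added example, not BaseFortify or CleverControl code. Event records and field
names below are constructed assumptions, not a specific product's log schema.
"""
import shlex
from typing import Optional

# curl short options that consume an argument. In a cluster such as "-ok" the
# letters after such an option form its argument, so they are not flags.
# Partial list (assumption for this example), covering common options.
ARG_TAKING_SHORT = set("oHdXuAebcTmwxKEFUyYrCtzDQ")


def find_insecure_flag(command_line: str) -> Optional[str]:
    """Return the token that disables certificate checking, or None.

    Matches the long option --insecure and the short option -k, including
    -k combined with other short flags (e.g. -sSk). Stops scanning a cluster
    at the first argument-taking option so "-ok" is not reported.
    """
    try:
        # posix=False keeps Windows paths intact (backslashes are not escapes)
        tokens = shlex.split(command_line, posix=False)
    except ValueError:  # unbalanced quotes: fall back to plain splitting
        tokens = command_line.split()
    for tok in tokens:
        if tok.lower() == "--insecure":
            return tok
        if tok.startswith("-") and not tok.startswith("--") and len(tok) > 1:
            for letter in tok[1:]:
                if letter == "k":
                    return tok
                if letter in ARG_TAKING_SHORT:
                    break  # remainder of the cluster is that option's argument
    return None


def is_curl(image_path: str) -> bool:
    """True if the executable's base name is curl.exe (Windows or POSIX separators)."""
    base = image_path.replace("\\", "/").rsplit("/", 1)[-1]
    return base.lower() == "curl.exe"


def scan_events(events):
    """Return one finding per curl.exe event whose command line disables cert checks."""
    findings = []
    for ev in events:
        if not is_curl(ev.get("Image", "")):
            continue
        flag = find_insecure_flag(ev.get("CommandLine", ""))
        if flag is not None:
            findings.append({
                "ParentImage": ev.get("ParentImage", ""),
                "CommandLine": ev["CommandLine"],
                "Flag": flag,
            })
    return findings


# Constructed sample records (assumption: shape of a process-creation event).
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\curl.exe",
     "ParentImage": r"C:\Users\alice\Downloads\installer.exe",
     "CommandLine": r'curl.exe --insecure -o "C:\Temp\component.bin" https://downloads.example.invalid/component.bin'},
    {"Image": r"C:\Windows\System32\curl.exe",
     "ParentImage": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"curl.exe -sSk https://status.example.invalid/health"},
    {"Image": r"C:\Windows\System32\curl.exe",
     "ParentImage": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"curl.exe -ok https://files.example.invalid/file"},   # -o with file "k"
    {"Image": r"C:\Windows\System32\curl.exe",
     "ParentImage": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"curl.exe --cacert C:\certs\vendor-ca.pem https://files.example.invalid/file"},
    {"Image": r"C:\Windows\System32\notepad.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": r"notepad.exe --insecure"},   # not curl: ignored
]


if __name__ == "__main__":
    for hit in scan_events(SAMPLE_EVENTS):
        print(f"[{hit['Flag']}] parent={hit['ParentImage']} cmd={hit['CommandLine']}")
```

Running the block on the constructed records reports the first two events only: the --insecure download spawned by an installer and the -sSk health check. The fourth record shows the invocation a fixed installer would use instead, pinning trust to a named CA bundle with --cacert rather than disabling validation. In practice the ParentImage field is the more useful pivot: curl.exe with --insecure launched from an installer or an elevated service process is the pattern this advisory describes.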