CVE-2025-10640
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-21

Last updated on: 2025-11-03

Assigner: SEC Consult Vulnerability Lab

Description
An unauthenticated attacker with access to TCP port 12306 of the WorkExaminer server can exploit missing server-side authentication checks to bypass the login prompt in the WorkExaminer Professional console to gain administrative access to the WorkExaminer server and therefore all sensitive monitoring data. This includes monitored screenshots and keystrokes of all users. The WorkExaminer Professional console is used for administrative access to the server. Before access to the console is granted administrators must login. Internally, a custom protocol is used to call a respective stored procedure on the MSSQL database. The return value of the call is not validated on the server-side. Instead it is only validated client-side which allows to bypass authentication.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-21
Last Modified
2025-11-03
Generated
2026-06-16
AI Q&A
2025-10-21
EPSS Evaluated
2026-06-15
NVD
CVE-2025-10640
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
efficientlab workexaminer_professional *
efficientlab workexaminer_professional 4.0.0.52001
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-602 The product is composed of a server that relies on the client to implement a mechanism that is intended to protect the server.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability allows an unauthenticated attacker who can access TCP port 12306 on the WorkExaminer server to bypass the login prompt of the WorkExaminer Professional console. This happens because the server does not perform server-side validation of authentication; instead, it relies on client-side validation of the return value from a stored procedure call to the MSSQL database. As a result, the attacker can gain administrative access without proper authentication.

Impact Analysis

An attacker exploiting this vulnerability can gain administrative access to the WorkExaminer server and all sensitive monitoring data it holds. This includes access to monitored screenshots and keystrokes of all users, potentially leading to severe privacy breaches and unauthorized data exposure.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-10640. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart