CVE-2025-12507
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-12507, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-31

Last updated on: 2025-11-04

Assigner: bizerba

Description

The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-31
Last Modified
2025-11-04
Generated
2026-07-06
AI Q&A
2025-11-01
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
bizerba communication_server *
bizerba brain 5.02

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in the Bizerba Communication Server (BCS) is due to an unquoted service path in the Windows registry. Because the executable path for the BCS service is not enclosed in quotes, Windows may misinterpret the path and execute malicious programs with system privileges. This can allow an attacker to run unauthorized code on the affected system. [1]

Impact Analysis

The vulnerability can allow a local attacker with low privileges to execute malicious programs with elevated system privileges. This can lead to a complete compromise of the affected system, impacting confidentiality, integrity, and availability of data and services. [1]

Detection Guidance

You can detect this vulnerability by checking if the Bizerba Communication Server (BCS) service executable path in the Windows registry is unquoted. Specifically, inspect the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BCS\ImagePath to see if the path is enclosed in quotes. A common command to check this on a Windows system is using PowerShell: Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\BCS' -Name ImagePath. If the path is not enclosed in quotes, the system is vulnerable. [1]

Mitigation Strategies

Immediate mitigation involves editing the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BCS\ImagePath to enclose the service executable path in quotes. This prevents Windows from misinterpreting the path and executing malicious programs. The definitive solution is to update the Bizerba Communication Server software to version 5.02 or later, which contains the fix. [1]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-12507. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart