CVE-2025-63662
Unknown Unknown - Not Provided

Insecure Permissions in GT Edge AI /api/v1/agents API

Vulnerability report for CVE-2025-63662, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-22

Last updated on: 2025-12-23

Assigner: MITRE

Description

Insecure permissions in the /api/v1/agents API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access sensitive information.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-22
Last Modified
2025-12-23
Generated
2026-07-06
AI Q&A
2025-12-23
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
gt_edge ai_platform *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2025-63662 is a vulnerability in the /api/v1/agents API of GT Edge AI Platform versions before v2.0.10-dev (and Community Edition before v2.0.12) where insecure permissions allow unauthorized remote attackers, once authenticated, to access sensitive information. This includes system prompts and other confidential data related to AI agents, leading to information disclosure and escalation of privileges. [1]

Impact Analysis

This vulnerability can impact you by allowing unauthorized attackers to access sensitive and confidential information related to AI agents, such as system prompts. This can lead to information disclosure and escalation of privileges, potentially compromising the security and confidentiality of your system and data. [1]

Mitigation Strategies

Upgrade GT Edge AI Platform to version 2.0.12 or later, as versions prior to 2.0.12 contain the insecure permissions vulnerability in the /api/v1/agents API that allows unauthorized access to sensitive information. [1]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-63662. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart