CVE-2025-64113
BaseFortify
Publication date: 2025-12-09
Last updated on: 2026-02-24
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| emby | emby | to 4.9.1.90 (exc) |
| emby | emby | 4.9.2.6 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-640 | The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows an attacker to gain full administrative access to the Emby Server application, impacting confidentiality, integrity, and availability at a high level. Such a compromise could lead to unauthorized access to sensitive personal or protected data managed by the server, potentially resulting in non-compliance with standards and regulations like GDPR and HIPAA that require protection of data confidentiality and integrity. Therefore, this vulnerability poses a significant risk to compliance with these regulations if exploited. [1]
Can you explain this vulnerability to me?
This vulnerability in Emby Server versions below 4.9.1.81 allows an attacker with network access to gain full administrative access to the Emby Server application itself, meaning they can control the server's administration features. No other specific preconditions are required for exploitation. This does not grant access to the underlying operating system, only the Emby Server administration.
How can this vulnerability impact me? :
If exploited, this vulnerability allows an attacker to take full control over the Emby Server administration, potentially enabling them to manipulate media content, change server settings, access user data stored within the server, or disrupt service. This could lead to unauthorized data access or service interruption within the media server environment.
What immediate steps should I take to mitigate this vulnerability?
Upgrade Emby Server to version 4.9.1.81 or later, as this version contains the fix for the vulnerability allowing full administrative access. Ensure that your Emby Server is not accessible to untrusted networks until the update is applied.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by identifying Emby Server versions up to 4.9.1.80 (stable) and 4.9.2.6 (beta) running on your system, as these versions are vulnerable. Since the vulnerability involves the passwordreset.txt file in the configuration folder, checking for the presence and permissions of this file may help. However, no specific detection commands are provided in the available resources. The recommended action is to verify the Emby Server version and update to version 4.9.1.90 (stable) or later, or 4.9.2.7 (beta) or later, which include the fix. For version detection, you might use commands like querying the Emby Server API or checking the installed package version, but these commands are not specified in the provided text. [1]