CVE-2025-14341
Deferred Deferred - Pending Action
Excessive Allocation in DivvyDrive

Publication date: 2026-05-07

Last updated on: 2026-05-07

Assigner: Computer Emergency Response Team of the Republic of Turkey

Description
Improperly controlled modification of Dynamically-Determined object attributes, Allocation of resources without limits or throttling vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Excessive Allocation, Flooding. This issue affects DivvyDrive: from 4.8.2.19 before 4.8.3.2.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-07
Last Modified
2026-05-07
Generated
2026-06-17
AI Q&A
2026-05-07
EPSS Evaluated
2026-06-15
NVD
CVE-2025-14341
EUVD
EUVD-2025-209720
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
divvydrive_information_technologies_inc divvydrive From 4.8.2.19 (inc) to 4.8.3.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
CWE-915 The product receives input from an upstream component that specifies multiple attributes, properties, or fields that are to be initialized or updated in an object, but it does not properly control which attributes can be modified.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves improperly controlled modification of dynamically-determined object attributes and allocation of resources without limits or throttling in DivvyDrive software by DivvyDrive Information Technologies Inc. Specifically, it allows excessive allocation and flooding, which means the software does not properly restrict how much resource can be consumed or how object attributes can be modified dynamically.

Impact Analysis

The vulnerability can lead to significant impacts including excessive consumption of resources, which may cause denial of service or degraded performance. According to the CVSS score of 8.3, it can result in low confidentiality impact, high integrity impact, and high availability impact, meaning attackers could potentially disrupt service availability and compromise data integrity.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-14341. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart