CVE-2025-0001

Summary

Abacus ERP is versions older than 2024.210.16036, 2023.205.15833, 2022.105.15542 are affected by an authenticated arbitrary file read vulnerability.

Affected Software

VendorProductVersion RangeStatus
Abacus Research AGAbacus0 < 2024.210.16036affected
Abacus Research AGAbacus0 < 2023.205.15833affected
Abacus Research AGAbacus0 < 2022.205.15542affected

Weaknesses

  • CWE-36: CWE-36: Absolute Path Traversal

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References