{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-1068", "assignerOrgId": "cedc17bb-4939-4f40-a1f4-30ae8af1094e", "state": "PUBLISHED", "assignerShortName": "Esri", "dateReserved": "2025-02-05T18:59:51.831Z", "datePublished": "2025-02-25T16:26:18.161Z", "dateUpdated": "2025-02-26T00:05:24.143Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ArcGIS AllSource", "vendor": "Esri", "versions": [{"status": "affected", "version": "1.2"}, {"status": "affected", "version": "1.3"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS AllSource, the file could execute and run malicious commands under the context of the victim. This issue is corrected in ArcGIS AllSource 1.2.1 and 1.3.1."}], "value": "There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS AllSource, the file could execute and run malicious commands under the context of the victim. This issue is corrected in ArcGIS AllSource 1.2.1 and 1.3.1."}], "impacts": [{"capecId": "CAPEC-558", "descriptions": [{"lang": "en", "value": "CAPEC-558 Replace Trusted Executable"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-426", "description": "CWE-426 Untrusted Search Path", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "cedc17bb-4939-4f40-a1f4-30ae8af1094e", "shortName": "Esri", "dateUpdated": "2025-02-26T00:05:24.143Z"}, "references": [{"url": "https://www.esri.com/arcgis-blog/products/administration/administration/arcgis-pro-and-arcgis-allsource-patches-address-high-severity-vulnerabilities"}], "source": {"discovery": "UNKNOWN"}, "title": "There is a code injection vulnerability in Esri ArcGIS AllSource", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-25T16:46:28.318860Z", "id": "CVE-2025-1068", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-25T16:46:35.573Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1068", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-25T16:46:28.318860Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-25T16:46:32.086Z"}}], "cna": {"title": "There is a code injection vulnerability in Esri ArcGIS AllSource", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-558", "descriptions": [{"lang": "en", "value": "CAPEC-558 Replace Trusted Executable"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Esri", "product": "ArcGIS AllSource", "versions": [{"status": "affected", "version": "1.2"}, {"status": "affected", "version": "1.3"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.esri.com/arcgis-blog/products/administration/administration/arcgis-pro-and-arcgis-allsource-patches-address-high-severity-vulnerabilities"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS AllSource, the file could execute and run malicious commands under the context of the victim. This issue is corrected in ArcGIS AllSource 1.2.1 and 1.3.1.", "supportingMedia": [{"type": "text/html", "value": "There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS AllSource, the file could execute and run malicious commands under the context of the victim. This issue is corrected in ArcGIS AllSource 1.2.1 and 1.3.1.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-426", "description": "CWE-426 Untrusted Search Path"}]}], "providerMetadata": {"orgId": "cedc17bb-4939-4f40-a1f4-30ae8af1094e", "shortName": "Esri", "dateUpdated": "2025-02-26T00:05:24.143Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1068", "state": "PUBLISHED", "dateUpdated": "2025-02-26T00:05:24.143Z", "dateReserved": "2025-02-05T18:59:51.831Z", "assignerOrgId": "cedc17bb-4939-4f40-a1f4-30ae8af1094e", "datePublished": "2025-02-25T16:26:18.161Z", "assignerShortName": "Esri"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:esri:arcgis_allsource:1.2:-:*:*:*:*:*:*", "matchCriteriaId": "7D2CA319-F8C4-4611-A4CF-536085420591", "vulnerable": true}, {"criteria": "cpe:2.3:a:esri:arcgis_allsource:1.3:-:*:*:*:*:*:*", "matchCriteriaId": "22FCC3F7-3ED4-4CFC-9668-48FA4BB37AE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:esri:arcgis_pro:3.3:-:*:*:*:*:*:*", "matchCriteriaId": "2C69472E-B8D9-4EE2-A548-9CD61A1A22B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:esri:arcgis_pro:3.4:-:*:*:*:*:*:*", "matchCriteriaId": "1D4A9671-48FC-4ACD-8AB4-3AAF9264EF93", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS AllSource, the file could execute and run malicious commands under the context of the victim. This issue is corrected in ArcGIS AllSource 1.2.1 and 1.3.1."}, {"lang": "es", "value": "Existe una vulnerabilidad de ruta de b\u00fasqueda no confiable en Esri ArcGIS AllSource 1.2 y 1.3 que puede permitir que un atacante con pocos privilegios y con privilegios de escritura en el sistema de archivos local introduzca un ejecutable malicioso en el sistema de archivos. Cuando la v\u00edctima realiza una acci\u00f3n espec\u00edfica con ArcGIS AllSource, el archivo podr\u00eda ejecutar comandos maliciosos en el contexto de la v\u00edctima. Este problema se corrigi\u00f3 en ArcGIS AllSource 1.2.1 y 1.3.1."}], "id": "CVE-2025-1068", "lastModified": "2025-03-04T17:22:39.620", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.9, "source": "psirt@esri.com", "type": "Secondary"}]}, "published": "2025-02-25T17:15:13.890", "references": [{"source": "psirt@esri.com", "tags": ["Vendor Advisory"], "url": "https://www.esri.com/arcgis-blog/products/administration/administration/arcgis-pro-and-arcgis-allsource-patches-address-high-severity-vulnerabilities"}], "sourceIdentifier": "psirt@esri.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-426"}], "source": "psirt@esri.com", "type": "Secondary"}]}

{}