Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
RFC inbound processing�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation the attacker could critically impact both integrity and availability of the application.
AnalysisAI
Privilege escalation vulnerability in RFC inbound processing that fails to enforce proper authorization checks for authenticated users, allowing attackers to escalate privileges and critically compromise application integrity and availability. The vulnerability affects authenticated users (PR:L) with network accessibility (AV:N) and has a critical CVSS score of 9.6; without access to KEV, EPSS, or POC data, assessment indicates high real-world risk due to the low attack complexity (AC:L) and cross-boundary impact (S:C) combined with authentication bypass in authorization logic.
Technical ContextAI
This vulnerability exists in RFC (Request For Comments/protocol) inbound processing mechanisms, likely within a mail server, messaging system, or standards-compliant communication platform. The root cause is CWE-862 (Missing Authorization), indicating the application fails to validate whether an authenticated user possesses the necessary permissions before processing RFC-formatted inbound requests. The flaw permits privilege escalation from a lower-privilege authenticated context to higher-privilege operations. The attack targets the authorization decision point rather than authentication itself—the user is already authenticated but the application incorrectly grants access to restricted operations. This is a classic authorization bypass where input validation or access control lists (ACLs) are not properly consulted during RFC message processing.
RemediationAI
Immediate remediation steps: (1) Apply security patches from your RFC-processing product vendor (specific patch versions and URLs require vendor advisory consultation); (2) If patches are unavailable, implement network-level access controls restricting RFC inbound processing endpoints to trusted sources and limiting authentication scope; (3) Audit existing RFC message processing logs for unauthorized privilege escalation attempts; (4) Implement role-based access control (RBAC) enforcement at the RFC message handling layer, ensuring every inbound request validates user permissions against operation requirements before processing; (5) Consider disabling RFC inbound processing for non-essential services if available; (6) Monitor for exploitation indicators: failed authorization logs, unusual privilege elevation patterns, and RFC message processing from unexpected authenticated accounts. Patch availability and specific remediation guidance should be obtained from vendor security advisories and official patches as they become available.
Same weakness CWE-862 – Missing Authorization
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-17599