Agorum Core CVE-2025-52166
MEDIUMSeverity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Requires authentication (PR:L, not PR:N as provided); administrator escalation implies full confidentiality and integrity impact over managed data.
Primary rating from Vendor (mitre).
CVSS VectorVendor: mitre
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Lifecycle Timeline
1DescriptionCVE.org
Incorrect access control in Software GmbH Agorum core open v11.9.2 & v11.10.1 allows authenticated attackers to escalate privileges to Administrator and access sensitive components and information.
AnalysisAI
Privilege escalation in Agorum core open v11.9.2 and v11.10.1 allows authenticated users to elevate their privileges to Administrator level, gaining access to sensitive components and information within the document management platform. The vulnerability stems from incorrect access control (CWE-284), meaning the application fails to properly enforce authorization boundaries between standard user and administrative roles. No public exploit code or active exploitation has been identified at time of analysis, and the EPSS score of 0.20% at the 10th percentile confirms low current exploitation interest, though the impact of gaining full admin access warrants prompt remediation.
Technical ContextAI
Agorum core open is a German-developed enterprise document management system (DMS/ECM). The flaw is classified under CWE-284 (Improper Access Control), indicating the application's authorization logic does not correctly enforce role-based boundaries - a category that frequently manifests as missing server-side privilege checks, insecure direct object references, or bypassable role guards in API endpoints. The vulnerability is tagged 'Authentication Bypass' in the NVD metadata, suggesting the access control enforcement mechanism can be circumvented after initial login to impersonate or assume administrator-level permissions. Affected CPE data is not provided, but the advisory covers specifically v11.9.2 and v11.10.1 of the open edition. The research was disclosed by usd HeroLab, a German vulnerability research group.
Affected ProductsAI
The vulnerability affects Agorum core open version 11.9.2 and version 11.10.1, as confirmed by the vendor disclosure. The product is the open/community edition of the Agorum core document management platform developed by Software GmbH. No CPE strings were provided in the source data. The full advisory and affected version details are published at https://herolab.usd.de/usd-2025-0028/ by usd HeroLab.
RemediationAI
No vendor-released patch version is identified in the available data; the sole reference is the usd HeroLab advisory at https://herolab.usd.de/usd-2025-0028/, which should be consulted for vendor response and fix status. Until a patched release is confirmed, administrators should restrict access to the Agorum core open interface to trusted, strongly-authenticated users only - avoid exposing the platform to the internet or to users without a verified need for access. Disable or remove accounts for external or low-trust users as an interim measure. Implement network-level controls (firewall, VPN requirement) to limit which hosts can reach the application. Review administrator audit logs for any unexpected privilege changes that may indicate prior exploitation. Contact Software GmbH directly for a patched release timeline.
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today