How to fix CVE-2025-6240?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Is Windows affected by CVE-2025-6240?

CVE-2025-6240 presents moderate security risk, a input validation vulnerability rated CVSS 5.0. Exploitation could compromise the security of affected deployments. Organizations should apply vendor updates when available and monitor for exploitation.

CVE-2025-6240

EUVD-2025-18645 MEDIUM

2025-06-18 c0ec9282-ea44-45d7-9b32-48d87cb37538

5.0

CVSS 4.0

CVSS Vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H/AU:N/V:D/RE:M/U:Green

Attack Vector

Network

Attack Complexity

High

Privileges Required

High

User Interaction

Lifecycle Timeline

Analysis Generated

Mar 14, 2026 - 22:49 vuln.today

EUVD ID Assigned

Mar 14, 2026 - 22:49 euvd

EUVD-2025-18645

CVE Published

Jun 18, 2025 - 15:15 nvd

MEDIUM 5.0

Description

Improper Input Validation vulnerability in Profisee on Windows (filesystem modules) allows Path Traversal after authentication to the Profisee system.This issue affects Profisee: from 2020R1 before 2024R2.

Analysis

Technical Context

Path traversal allows an attacker to access files outside the intended directory by manipulating file paths with sequences like '../'. This vulnerability is classified as Improper Input Validation (CWE-20).

Remediation

Validate and sanitize file path inputs. Use a whitelist of allowed files or directories. Implement chroot jails or containerization.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +25

POC: 0

CVE-2025-6240 vulnerability details – vuln.today

Back

CVE-2025-6240

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Remediation

Priority Score

Share

CVE-2025-6240

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Remediation

Priority Score

Share

External POC / Exploit Code