CVE-2025-10639 · HIGH 8.8 · EPSS p54.3%

Description

The WorkExaminer Professional server installation comes with an FTP server that receives the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to log in to the FTP server, read or modify data and log files, and gain remote code execution as NT Authority\SYSTEM on the server by replacing accessible service binaries in the WorkExaminer installation directory (e.g. "C:\Program File (x86)\Work Examiner Professional Server").

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.88% probability of exploitation · percentile 54.3% · 2026-06-18T12:00:27Z
Published: 2025-10-21
Last modified: 2026-04-15

Underlying weaknesses · 1

CWE-798

References

  1. https://r.sec-consult.com/workexaminer
  2. http://seclists.org/fulldisclosure/2025/Oct/19

| Type | Target | Confidence | Tier |
|------|--------|------------|------|
| Weakness | Use of Hard-coded Credentials (cwe-798) | 0% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2025-10640
  2. CVE-2025-61934
  3. CVE-2025-4660
  4. CVE-2025-49195
  5. CVE-2025-21298
  6. CVE-2025-32834

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.