CVE-2025-10640 | CRITICAL 9.8 | EPSS percentile 54.6%

CVE-2025-10640

Description

An unauthenticated attacker with access to TCP port 12306 of the WorkExaminer server can exploit missing server-side authentication checks to bypass the login prompt in the WorkExaminer Professional console, gaining administrative access to the WorkExaminer server and therefore to all sensitive monitoring data, including monitored screenshots and keystrokes of all users. The WorkExaminer Professional console is used for administrative access to the server. Before access to the console is granted, administrators must log in. Internally, a custom protocol is used to call a respective stored procedure on the MSSQL database. The return value of the call is not validated on the server side; it is only validated on the client side, which allows authentication to be bypassed.

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.89% probability of exploitation · percentile 54.6% · 2026-06-18T12:00:27Z
Published: 2025-10-21
Last modified: 2026-04-15

Underlying weaknesses · 1

CWE-602

References

  1. https://r.sec-consult.com/workexaminer
  2. http://seclists.org/fulldisclosure/2025/Oct/19

Type      Target                                                     Confidence  Tier
Weakness  Client-Side Enforcement of Server-Side Security (CWE-602)  0%          live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  - CVE-2025-10639
  - CVE-2025-15560
  - CVE-2025-42890
  - CVE-2025-32860
  - CVE-2025-27540
  - CVE-2025-32836

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.