CVE-2025-54968HIGH 8.8EPSS p27.6%

CVE-2025-54968CVE-2025-54968

Description

An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Service does not require authentication. In some configurations, this may allow remote users to submit jobs, or local users to submit jobs that will execute with the permissions of other users.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.36% probability of exploitation · percentile 27.6% · 2026-06-19T12:03:05Z
Published2025-10-27
Last modified2025-10-31

Underlying weaknesses· 1

CWE-284

References

  1. https://www.baesystems.com/en-us/product/geospatial-exploitation-products
  2. https://www.geospatialexploitationproducts.com/content/socet-gxp/vulnerabilities-disclosure/#cve-2025-54968

1

TypeTargetConfidenceTier
WeaknessImproper Access Controlcwe-2840%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-54964
CVE
CVE-2025-54942
CVE
CVE-2025-54943
CVE
CVE-2025-54816
CVE
CVE-2025-45854
CVE
CVE-2025-59461
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.