CVE-2025-0836 (GCVE-0-2025-0836)
Vulnerability from cvelistv5 – Published: 2025-12-16 11:02 – Updated: 2025-12-16 14:51
Title
XProtect MIP API Missing Authorization
Summary
Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to the Management Server to gain full read/write access to the MIP Webhooks API.
Severity
6.3 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Milestone Systems | XProtect VMS | Affected: 23.1, < 23.1.157.1.1470 (custom); Affected: 23.2, < 23.2.21.1.398 (custom); Affected: 23.3, < 23.3.72.1.466 (custom); Affected: 24.1, < 24.1.12292.2279 (custom); Affected: 24.2, < 24.2.14561.2270 (custom); Affected: 25.1, < 25.1.15990.2272 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0836",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-16T14:51:28.827951Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T14:51:38.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"webhooks"
],
"platforms": [
"Windows"
],
"product": "XProtect VMS",
"vendor": "Milestone Systems",
"versions": [
{
"lessThan": "23.1.157.1.1470",
"status": "affected",
"version": "23.1",
"versionType": "custom"
},
{
"lessThan": "23.2.21.1.398",
"status": "affected",
"version": "23.2",
"versionType": "custom"
},
{
"lessThan": "23.3.72.1.466",
"status": "affected",
"version": "23.3",
"versionType": "custom"
},
{
"lessThan": "24.1.12292.2279",
"status": "affected",
"version": "24.1",
"versionType": "custom"
},
{
"lessThan": "24.2.14561.2270",
"status": "affected",
"version": "24.2",
"versionType": "custom"
},
{
"lessThan": "25.1.15990.2272",
"status": "affected",
"version": "25.1",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API."
}
],
"value": "Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T13:14:09.646Z",
"orgId": "cf45122d-9d50-442a-9b23-e05cde9943d8",
"shortName": "Milestone"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportcommunity.milestonesys.com/s/article/CVE-2025-0836-XProtect-MIP-API-broken-access-control?language=en_US"
},
{
"tags": [
"patch"
],
"url": "https://supportcommunity.milestonesys.com/s/article/XProtect-VMS-cumulative-patches-complete-list?language=en_US"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "To mitigate the issue, we highly recommend upgrading to the latest version of XProtect VMS, or at least to version 2025 R2 or later. The other option (for versions 2023 R1 \u2013 2025 R1) is to use the provided cumulative patches (Knowledee Base article no. 34370 XProtect VMS cumulative patches). If, for any reason it is not possible, we recommend auditing your role security settings and considering everyone with read-only access to the Management Server as having a full access to Webhooks configuration."
}
],
"value": "To mitigate the issue, we highly recommend upgrading to the latest version of XProtect VMS, or at least to version 2025 R2 or later. The other option (for versions 2023 R1 \u2013 2025 R1) is to use the provided cumulative patches (Knowledee Base article no. 34370 XProtect VMS cumulative patches). If, for any reason it is not possible, we recommend auditing your role security settings and considering everyone with read-only access to the Management Server as having a full access to Webhooks configuration."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "XProtect MIP API Missing Authorization",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cf45122d-9d50-442a-9b23-e05cde9943d8",
"assignerShortName": "Milestone",
"cveId": "CVE-2025-0836",
"datePublished": "2025-12-16T11:02:25.199Z",
"dateReserved": "2025-01-29T13:24:34.734Z",
"dateUpdated": "2025-12-16T14:51:38.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-0836\",\"sourceIdentifier\":\"cf45122d-9d50-442a-9b23-e05cde9943d8\",\"published\":\"2025-12-16T11:15:43.510\",\"lastModified\":\"2025-12-16T14:15:45.630\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cf45122d-9d50-442a-9b23-e05cde9943d8\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",
\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"cf45122d-9d50-442a-9b23-e05cde9943d8\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":3.4}]},\"weaknesses\":[{\"source\":\"cf45122d-9d50-442a-9b23-e05cde9943d8\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-862\"}]}],\"references\":[{\"url\":\"https://supportcommunity.milestonesys.com/s/article/CVE-2025-0836-XProtect-MIP-API-broken-access-control?language=en_US\",\"source\":\"cf45122d-9d50-442a-9b23-e05cde9943d8\"},{\"url\":\"https://supportcommunity.milestonesys.com/s/article/XProtect-VMS-cumulative-patches-complete-list?language=en_US\",\"source\":\"cf45122d-9d50-442a-9b23-e05cde9943d8\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-0836\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-16T14:51:28.827951Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-16T14:51:33.939Z\"}}], \"cna\": {\"title\": \"XProtect MIP API Missing Authorization\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-180\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 5.3, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"LOW\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", 
\"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Milestone Systems\", \"modules\": [\"webhooks\"], \"product\": \"XProtect VMS\", \"versions\": [{\"status\": \"affected\", \"version\": \"23.1\", \"lessThan\": \"23.1.157.1.1470\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"23.2\", \"lessThan\": \"23.2.21.1.398\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"23.3\", \"lessThan\": \"23.3.72.1.466\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"24.1\", \"lessThan\": \"24.1.12292.2279\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"24.2\", \"lessThan\": \"24.2.14561.2270\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"25.1\", \"lessThan\": \"25.1.15990.2272\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"To mitigate the issue, we highly recommend upgrading to the latest version of XProtect VMS, or at least to version 2025 R2 or later. The other option (for versions 2023 R1 \\u2013 2025 R1) is to use the provided cumulative patches (Knowledee Base article no. 34370 XProtect VMS cumulative patches). If, for any reason it is not possible, we recommend auditing your role security settings and considering everyone with read-only access to the Management Server as having a full access to Webhooks configuration.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"To mitigate the issue, we highly recommend upgrading to the latest version of XProtect VMS, or at least to version 2025 R2 or later. The other option (for versions 2023 R1 \\u2013 2025 R1) is to use the provided cumulative patches (Knowledee Base article no. 
34370 XProtect VMS cumulative patches). If, for any reason it is not possible, we recommend auditing your role security settings and considering everyone with read-only access to the Management Server as having a full access to Webhooks configuration.\", \"base64\": false}]}], \"references\": [{\"url\": \"https://supportcommunity.milestonesys.com/s/article/CVE-2025-0836-XProtect-MIP-API-broken-access-control?language=en_US\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://supportcommunity.milestonesys.com/s/article/XProtect-VMS-cumulative-patches-complete-list?language=en_US\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.5.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-862\", \"description\": \"CWE-862 Missing Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"cf45122d-9d50-442a-9b23-e05cde9943d8\", \"shortName\": \"Milestone\", \"dateUpdated\": \"2025-12-16T13:14:09.646Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-0836\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-16T14:51:38.048Z\", \"dateReserved\": \"2025-01-29T13:24:34.734Z\", \"assignerOrgId\": \"cf45122d-9d50-442a-9b23-e05cde9943d8\", \"datePublished\": \"2025-12-16T11:02:25.199Z\", \"assignerShortName\": \"Milestone\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.