Improper Access Control in Portabilis i-Educar Affects Remote Functionality
CVE-2025-10013

5.3MEDIUM

Key Information:

Vendor: Portabilis
Status: I-educar
Vendor: CVE Published:; 5 September 2025

What is CVE-2025-10013?

A vulnerability has been identified in Portabilis i-Educar version 2.10 and earlier, which manifests in the /exportacao-para-o-seb file. This flaw allows unauthorized access due to insufficient access controls. The vulnerability can be exploited remotely, making it critical for users to assess their systems and apply necessary security patches promptly. Exploitation is now public and poses a significant risk for users relying on this functionality.