Incorrect Access Control Vulnerability in Desktop Alert PingAlert Application Server
CVE-2025-54561

4.3MEDIUM

Key Information:

Vendor: Desktop Alert
Status: PingAlert
Vendor: CVE Published:; 14 November 2025

🔔 Create Desktop Alert Vulnerability Alert

What is CVE-2025-54561?

An Incorrect Access Control vulnerability exists within the Application Server of Desktop Alert PingAlert, allowing unauthorized remote access to sensitive content. This occurs between versions 6.1.0.11 and 6.1.1.2 due to a flaw in the authorization schema, enabling attackers to bypass security measures without the appropriate permissions.

References

https://desktopalert.net

https://desktopalert.net/cve-2025-54561/

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2025
Vulnerability Reserved
Jul 25, 2025

JSON