Improper Input Validation in Profisee for Windows by Profisee
CVE-2025-6240

5MEDIUM

Key Information:

Vendor: Profisee
Status: Profisee
Vendor: CVE Published:; 18 June 2025

What is CVE-2025-6240?

The improper input validation vulnerability in Profisee for Windows allows an authenticated user to exploit filesystem modules leading to Path Traversal attacks. This can enable unauthorized access to sensitive files or directories, compromising the integrity of the system. Affected versions include Profisee from 2020R1 prior to 2024R2. Organizations using Profisee are advised to implement security measures and update to the latest version to mitigate risks associated with this vulnerability.

Affected Version(s)

Profisee Windows 2020R1 < 2024R2

References

https://profisee.com/security/vulnerabilities/detail/

CVSS V4

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2025
Vulnerability Reserved
Jun 18, 2025

Credit

Santeri Siirilä

Mikko Korpi