Improper Access Control in Fortra's FileCatalyst Workflow Component
CVE-2025-8450

8.2HIGH

Key Information:

Vendor: Fortra
Status: Filecatalyst
Vendor: CVE Published:; 19 August 2025

What is CVE-2025-8450?

An improper access control vulnerability exists in the Workflow component of Fortra's FileCatalyst, allowing unauthorized users to exploit the system. This flaw enables unauthenticated individuals to upload arbitrary files through the order forms page, potentially leading to data breaches or further exploitation. It highlights a critical security gap that organizations must address to safeguard their systems against unauthorized access and potential misuse.

Affected Version(s)

FileCatalyst Windows 5.1.6 <= 5.2.0 Build 80

References

https://www.fortra.com/security/advisories/product-securi...

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 19, 2025
Vulnerability Reserved
Jul 31, 2025

JSON