Observable Timing Discrepancy in DivvyDrive Web by DivvyDrive Information Technologies Inc.
CVE-2025-9031

4.3MEDIUM

Key Information:

Vendor: Divvydrive Information Technologies Inc.
Status: Divvydrive Web
Vendor: CVE Published:; 24 September 2025

🔔 Create Divvydrive Information Technologies Inc. Vulnerability Alert

What is CVE-2025-9031?

The DivvyDrive Web application has an observable timing discrepancy vulnerability that could allow malicious actors to exploit timing variations for cross-domain search queries. This vulnerability affects specific versions of DivvyDrive Web, compromising data integrity and potentially exposing sensitive information during the search process.

Affected Version(s)

DivvyDrive Web 4.8.2.2 < 4.8.2.15

References

https://www.usom.gov.tr/bildirim/tr-25-0293

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 24, 2025
Vulnerability Reserved
Aug 14, 2025

Credit

Emre AKTAŞ

JSON