CVE-2025-12507

HIGH

8.8

Description

The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed.

CVE Details

CVSS v3.1 Score8.8

SeverityHIGH

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack VectorLOCAL

ComplexityLOW

Privileges RequiredLOW

User InteractionNONE

Published10/31/2025

Last Modified11/4/2025

Sourcenvd

Honeypot Sightings0

Weaknesses (CWE)

CWE-428

References

https://www.bizerba.com/downloads/global/information-security/2025/bizerba-sa-2025-0005.pdf(0beee27a-7d8c-424f-8e46-ac453fa147e6)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.