Vulnerability Details CVE-2025-65118
The vulnerability, if exploited, could allow an authenticated miscreant
(OS Standard User) to trick Process Optimization services into loading
arbitrary code and escalate privileges to OS System, potentially
resulting in complete compromise of the Model Application Server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.6%
CVSS Severity
CVSS v3 Score 8.8
References
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json
- https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea
- https://www.aveva.com/en/support-and-success/cyber-security-updates/
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01
Products affected by CVE-2025-65118
-
cpe:2.3:a:aveva:process_optimization:*