CVE-2025-70983
SpringBlade · SpringBlade
An incorrect access control vulnerability in the SpringBlade authRoutes function allows low-privileged users to escalate their privileges.
Executive summary
A critical privilege escalation vulnerability in SpringBlade v4.5.0 allows low-level users to gain unauthorized administrative access, posing a severe threat to system security.
Vulnerability
The flaw resides in the authRoutes function, which fails to properly enforce capability checks. This allows an attacker with low-level privileges to escalate their access level to that of an administrator.
Business impact
With a CVSS score of 9.9, this is a critical vulnerability that facilitates full system compromise via privilege escalation. Unauthorized administrative access can lead to total loss of confidentiality, integrity, and availability, as the attacker can perform any action available to a legitimate administrator.
Remediation
Immediate Action: Apply the latest vendor patch or update to SpringBlade v4.5.0 to enforce correct access control checks.
Proactive Monitoring: Monitor system logs for unusual administrative activities or unexpected privilege changes assigned to standard user accounts.
Compensating Controls: Implement strict role-based access control (RBAC) and restrict access to sensitive routing functions at the application gateway level.
Exploitation status
Public Exploit Available: False
Analyst recommendation
Given the critical nature of this privilege escalation flaw, immediate remediation is essential. Organizations should update their SpringBlade deployment immediately to prevent unauthorized users from gaining elevated administrative control.