CVE-2025-70983

SpringBlade · SpringBlade

An incorrect access control vulnerability in the SpringBlade authRoutes function allows low-privileged users to escalate their privileges.

Executive summary

A critical privilege escalation vulnerability in SpringBlade v4.5.0 allows low-level users to gain unauthorized administrative access, posing a severe threat to system security.

Vulnerability

The flaw resides in the authRoutes function, which fails to properly enforce capability checks. This allows an attacker with low-level privileges to escalate their access level to that of an administrator.

Business impact

With a CVSS score of 9.9, this is a critical vulnerability that facilitates full system compromise via privilege escalation. Unauthorized administrative access can lead to total loss of confidentiality, integrity, and availability, as the attacker can perform any action available to a legitimate administrator.

Remediation

Immediate Action: Apply the latest vendor patch or update to SpringBlade v4.5.0 to enforce correct access control checks.

Proactive Monitoring: Monitor system logs for unusual administrative activities or unexpected privilege changes assigned to standard user accounts.

Compensating Controls: Implement strict role-based access control (RBAC) and restrict access to sensitive routing functions at the application gateway level.

Exploitation status

Public Exploit Available: False

Analyst recommendation

Given the critical nature of this privilege escalation flaw, immediate remediation is essential. Organizations should update their SpringBlade deployment immediately to prevent unauthorized users from gaining elevated administrative control.