CVE 5.3 MEDIUM

ILIAS Certificate Import Remote Code Execution_CVE-2025-11344

October 6, 2025 invoker category_cve
5.3 / 10
MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X

Description

A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed from remote. Upgrading to version 8.24, 9.14 and 10.2 addresses this issue. It is recommended to upgrade the affected component.

Basic Information

ID CVE-2025-11344
Source VulDB
Published Oct 6, 2025 at 18:32

Affected Product

Vendor n/a
Product ILIAS
Version 8.0
Affected Versions n/a ILIAS 8.0
n/a ILIAS 8.1
n/a ILIAS 8.2
n/a ILIAS 8.3
n/a ILIAS 8.4
n/a ILIAS 8.5
n/a ILIAS 8.6
n/a ILIAS 8.7
n/a ILIAS 8.8
n/a ILIAS 8.9
n/a ILIAS 8.10
n/a ILIAS 8.11
n/a ILIAS 8.12
n/a ILIAS 8.13
n/a ILIAS 8.14
n/a ILIAS 8.15
n/a ILIAS 8.16
n/a ILIAS 8.17
n/a ILIAS 8.18
n/a ILIAS 8.19
n/a ILIAS 8.20
n/a ILIAS 8.21
n/a ILIAS 8.22
n/a ILIAS 8.23
n/a ILIAS 9.0
n/a ILIAS 9.1
n/a ILIAS 9.2
n/a ILIAS 9.3
n/a ILIAS 9.4
n/a ILIAS 9.5
n/a ILIAS 9.6
n/a ILIAS 9.7
n/a ILIAS 9.8
n/a ILIAS 9.9
n/a ILIAS 9.10
n/a ILIAS 9.11
n/a ILIAS 9.12
n/a ILIAS 9.13
n/a ILIAS 10.0
n/a ILIAS 10.1

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.