CVE 8.8 HIGH

Insecure service configuration – unquoted path_CVE-2025-12507

October 31, 2025 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Description

The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed.

AI Analysis

Unquoted service path vulnerability in Bizerba Communication Server (BCS) allowing malicious program execution

Basic Information

ID CVE-2025-12507

Source bizerba

Published Oct 31, 2025 at 15:48

Modified Oct 31, 2025 at 18:17

Affected Product

Vendor Bizerba

Product _connect.BRAIN

Version 0.0

Affected Versions Bizerba _connect.BRAIN 0.0

CWE Classification

CWE-428

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Bizerba

Product _connect.BRAIN

Version 0.0

References

www.bizerba.com /downloads/global/information-security/2025/bizerba-sa-2025-0005.pdf

{
    "lastseen": "",
    "description": "The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed.",
    "published": "2025-10-31T15:48:36.371Z",
    "modified": "2025-10-31T18:17:20.171Z",
    "type": "cve",
    "title": "Insecure service configuration \u2013 unquoted path",
    "source": "bizerba",
    "references": "https://www.bizerba.com/downloads/global/information-security/2025/bizerba-sa-2025-0005.pdf",
    "id": "CVE-2025-12507",
    "bulletinFamily": "",
    "cwe": [
        "CWE-428"
    ],
    "cvelist": null,
    "sourceData": "Bizerba _connect.BRAIN 0.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "_connect.BRAIN",
    "version": "0.0",
    "vendor": "Bizerba",
    "ai_description": "Unquoted service path vulnerability in Bizerba Communication Server (BCS) allowing malicious program execution",
    "ai_severity": "High",
    "ai_vendor": "Bizerba",
    "ai_product": "_connect.BRAIN",
    "ai_version": "0.0",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply