CVE 8.7 HIGH

Digiwin｜EasyFlow GP – Denial of service_CVE-2025-13165

November 17, 2025 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Description

EasyFlow GP developed by Digiwin has a Denial of service vulnerability, allowing unauthenticated remote attackers to send specific requests that result in denial of web service.

AI Analysis

Denial of service vulnerability in Digiwin EasyFlow GP, allowing unauthenticated remote attackers to send specific requests that result in denial of web service.

Basic Information

ID CVE-2025-13165

Source twcert

Published Nov 17, 2025 at 06:46

Affected Product

Vendor Digiwin

Product EasyFlow GP

Version 5.8.8.3

Affected Versions Digiwin EasyFlow GP 5.8.8.3
Digiwin EasyFlow GP 8.1.x
Digiwin EasyFlow GP 5.7.x

CWE Classification

CWE-770

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Digiwin

Product EasyFlow GP

Version 5.7.x, 5.8.8.3, 8.1.x

References

{
    "lastseen": "",
    "description": "EasyFlow GP developed by Digiwin has a Denial of service vulnerability, allowing unauthenticated remote attackers to send specific requests that result in denial of web service.",
    "published": "2025-11-17T06:46:02.907Z",
    "modified": "2025-11-17T06:46:02.907Z",
    "type": "cve",
    "title": "Digiwin\uff5cEasyFlow GP - Denial of service",
    "source": "twcert",
    "references": "https://www.twcert.org.tw/tw/cp-132-10503-a66fe-1.html\nhttps://www.twcert.org.tw/en/cp-139-10504-23f4c-2.html",
    "id": "CVE-2025-13165",
    "bulletinFamily": "",
    "cwe": [
        "CWE-770"
    ],
    "cvelist": null,
    "sourceData": "Digiwin EasyFlow GP 5.8.8.3\nDigiwin EasyFlow GP 8.1.x\nDigiwin EasyFlow GP 5.7.x",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "EasyFlow GP",
    "version": "5.8.8.3",
    "vendor": "Digiwin",
    "ai_description": "Denial of service vulnerability in Digiwin EasyFlow GP, allowing unauthenticated remote attackers to send specific requests that result in denial of web service.",
    "ai_severity": "High",
    "ai_vendor": "Digiwin",
    "ai_product": "EasyFlow GP",
    "ai_version": "5.7.x, 5.8.8.3, 8.1.x",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply