Incorrect Permission Assignment for Critical Resource vulnerability in iba Systems...

10 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Description

A security issue has been identified in ibaPDA that could allow unauthorized actions on the file system under certain conditions. This may impact the confidentiality, integrity, or availability of the system.

Basic Information

ID CVE-2025-14988

Source icscert

Published Jan 27, 2026 at 20:08

Modified Jan 27, 2026 at 20:51

Affected Product

Vendor iba Systems

Product ibaPDA

Version 8.12.0

Affected Versions iba Systems ibaPDA 8.12.0

CWE Classification

CWE-732

References

www.cisa.gov /news-events/ics-advisories/icsa-26-027-01

{
    "lastseen": "",
    "description": "A security issue has been identified in ibaPDA that could allow unauthorized actions on the file system under certain conditions. This may impact the confidentiality, integrity, or availability of the system.",
    "published": "2026-01-27T20:08:54.853Z",
    "modified": "2026-01-27T20:51:36.885Z",
    "type": "cve",
    "title": "Incorrect Permission Assignment for Critical Resource vulnerability in iba Systems ibaPDA",
    "source": "icscert",
    "references": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-01",
    "id": "CVE-2025-14988",
    "bulletinFamily": "",
    "cwe": [
        "CWE-732"
    ],
    "cvelist": null,
    "sourceData": "iba Systems ibaPDA 8.12.0",
    "sourceHref": "",
    "cvss": {
        "score": 10,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "ibaPDA",
    "version": "8.12.0",
    "vendor": "iba Systems",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Incorrect Permission Assignment for Critical Resource vulnerability in iba Systems ibaPDA_CVE-2025-14988