CVE-2025-10226: CWE-1395: Dependency on Vulnerable Third-Party Component in AxxonSoft AxxonOne
Dependency on Vulnerable Third-Party Component (CWE-1395) in the PostgreSQL backend in AxxonSoft Axxon One 2.0.8 and earlier on Windows and Linux allows a remote attacker to escalate privileges, execute arbitrary code, or cause denial-of-service via exploitation of multiple known CVEs present in PostgreSQL v10.x, which are resolved in PostgreSQL 17.4.
AI Analysis
Technical Summary
CVE-2025-10226 is a critical vulnerability identified in AxxonSoft's AxxonOne version 2.0.8 and earlier, which affects both Windows and Linux deployments. The root cause of this vulnerability lies in the product's dependency on an outdated and vulnerable version of the PostgreSQL database backend, specifically PostgreSQL v10.x. This version of PostgreSQL contains multiple known security flaws that have been addressed in the more recent PostgreSQL 17.4 release. The vulnerability is classified under CWE-1395, which refers to the use of vulnerable third-party components. Exploiting these underlying PostgreSQL vulnerabilities allows a remote attacker to escalate privileges, execute arbitrary code, or cause denial-of-service conditions on the affected systems without requiring any prior authentication or user interaction. The CVSS v3.1 base score of 9.8 reflects the critical nature of this vulnerability, highlighting its high impact on confidentiality, integrity, and availability, combined with ease of exploitation over the network. Since AxxonOne is a security management platform often used for video surveillance and physical security management, exploitation could lead to severe consequences including unauthorized access to sensitive surveillance data, disruption of security operations, and potential lateral movement within an organization's network infrastructure.
Potential Impact
For European organizations, the impact of CVE-2025-10226 could be substantial. Many enterprises, government agencies, and critical infrastructure operators in Europe rely on AxxonOne for managing physical security and surveillance systems. Successful exploitation could lead to unauthorized access to surveillance feeds, manipulation or deletion of security logs, and disruption of security monitoring capabilities. This could compromise the safety of personnel and assets, violate data protection regulations such as GDPR due to unauthorized data access, and damage organizational reputation. Additionally, the ability to execute arbitrary code or cause denial-of-service could allow attackers to pivot into other parts of the network, potentially leading to broader cyber intrusions. Given the criticality of physical security in sectors like transportation, energy, and public safety, the threat posed by this vulnerability is particularly acute in Europe where regulatory compliance and security standards are stringent.
Mitigation Recommendations
To mitigate this vulnerability, European organizations using AxxonOne should urgently upgrade the PostgreSQL backend to version 17.4 or later, where the known security issues have been resolved. If an immediate upgrade is not feasible, organizations should isolate the database server from untrusted networks using network segmentation and strict firewall rules to limit exposure. Employing intrusion detection and prevention systems to monitor for suspicious activity targeting PostgreSQL services is advisable. Additionally, organizations should review and harden access controls on the AxxonOne platform and underlying database, ensuring the principle of least privilege is enforced. Regularly auditing logs for anomalous behavior and applying vendor patches for AxxonOne as they become available is critical. Finally, organizations should consider deploying application-layer firewalls or web application firewalls (WAFs) that can detect and block exploitation attempts targeting PostgreSQL vulnerabilities.
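A check for the two mitigations above, as an added example that is not part of the advisory or of AxxonSoft's product: it flags a PostgreSQL version string older than 17.4 and audits `pg_hba.conf` rules for broad client sources and weak authentication methods. The sample file contents, the 256-address threshold and the set of methods treated as weak are assumptions of this example; where an Axxon One installation keeps its `pg_hba.conf` is not stated on this page.

```python
import ipaddress
import re

FIXED = (17, 4)                      # fixed PostgreSQL release named in the advisory
WEAK = {"trust", "password", "md5"}  # assumption: no auth, cleartext, legacy hash
# Constructed sample pg_hba.conf, not taken from any real deployment.
SAMPLE_HBA = """\
local   all       postgres                           peer
host    all       all       0.0.0.0/0                md5
host    appdb     appuser   10.20.30.5/32            scram-sha-256
host    all       all       192.168.0.0 255.255.0.0  trust
hostssl all       all       ::/0                     reject
"""

def needs_upgrade(version_text):
    """True if a `SELECT version()` or `postgres --version` string predates FIXED."""
    m = re.search(r"(\d+)\.(\d+)", version_text)
    if not m:
        raise ValueError("no version number in %r" % version_text)
    return (int(m.group(1)), int(m.group(2))) < FIXED

def audit_hba(text, max_hosts=256):
    """Return (line_no, reason) for pg_hba.conf rules that expose the server."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        f = raw.split("#", 1)[0].split()
        if len(f) < 5 or not f[0].startswith("host"):
            continue                  # blank, comment, include, or local-socket rule
        addr, rest = f[3], f[4:]
        if "/" not in addr and len(rest) > 1 and re.fullmatch(r"[\d.]+", rest[0]):
            addr, rest = addr + "/" + rest[0], rest[1:]  # IPv4 address + netmask form
        method = rest[0]
        if method == "reject":
            continue
        try:
            broad = ipaddress.ip_network(addr, strict=False).num_addresses > max_hosts
        except ValueError:            # keyword or hostname instead of a network
            broad = addr in ("all", "samenet")
        if broad:
            findings.append((no, "broad source " + addr))
        if method in WEAK:
            findings.append((no, "weak auth method " + method))
        if broad and "all" in f[2].split(","):
            findings.append((no, "any role allowed from broad source"))
    return findings

if __name__ == "__main__":
    print(needs_upgrade("PostgreSQL 10.23 on x86_64-pc-linux-gnu"))
    print(audit_hba(SAMPLE_HBA))
```

Rules are matched top to bottom by PostgreSQL, so a finding on an early line matters even when a stricter rule follows it.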
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden, Poland, Switzerland
Technical Details
- Data Version: 5.1
- Assigner Short Name: AxxonSoft
- Date Reserved: 2025-09-10T12:37:44.975Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68c17661e55cc6e90da1cfa3
Added to database: 9/10/2025, 1:00:17 PM
Last enriched: 9/10/2025, 1:15:11 PM
Last updated: 9/10/2025, 2:35:17 PM