
CVE-2025-10352: CWE-862 Missing Authorization in Melis Technology Melis Platform

Severity: Critical
Tags: Vulnerability, CVE-2025-10352, CWE-862
Published: Wed Oct 08 2025 (10/08/2025, 10:46:40 UTC)
Source: CVE Database V5
Vendor/Project: Melis Technology
Product: Melis Platform

Description

Vulnerability in the melis-core module of Melis Technology's Melis Platform, which, if exploited, allows an unauthenticated attacker to create an administrator account via a request to '/melis/MelisCore/ToolUser/addNewUser'.

AI-Powered Analysis

AI analysis last updated: 12/22/2025, 18:41:47 UTC

Technical Analysis

CVE-2025-10352 is a critical security vulnerability identified in the melis-core module of Melis Technology's Melis Platform. The flaw is classified as CWE-862, indicating a missing authorization control. Specifically, the vulnerability allows an unauthenticated attacker to create a new administrator account by sending a crafted HTTP request to the endpoint '/melis/MelisCore/ToolUser/addNewUser'. Because the endpoint lacks proper authorization checks, no authentication or user interaction is required to exploit this issue. The attacker gains full administrative privileges, enabling them to manipulate system configurations, access sensitive data, and potentially disrupt platform availability. The vulnerability affects version 0 of the Melis Platform, with no patches currently available. The CVSS 4.0 base score of 9.3 reflects the ease of exploitation (network attack vector, no privileges or user interaction required) and the severe impact on confidentiality, integrity, and availability. Although no exploits have been reported in the wild, the critical nature of this vulnerability demands urgent attention. The Melis Platform is used in various enterprise environments, and this vulnerability could lead to full system compromise if exploited.

Potential Impact

For European organizations using the Melis Platform, this vulnerability poses a severe risk. An attacker exploiting this flaw can gain administrative access, leading to unauthorized data access, data manipulation, and potential service disruption. This could result in significant operational downtime, loss of sensitive or personal data, and reputational damage. Given the criticality of administrative privileges, attackers could also deploy ransomware, exfiltrate confidential information, or pivot to other internal systems. Compliance with GDPR and other data protection regulations could be jeopardized due to unauthorized data exposure. The lack of authentication requirement increases the likelihood of automated attacks and widespread exploitation if the platform is exposed to the internet. Organizations in sectors such as finance, healthcare, government, and critical infrastructure that rely on the Melis Platform are particularly vulnerable to severe consequences.

Mitigation Recommendations

1. Immediately restrict external access to the Melis Platform, especially the '/melis/MelisCore/ToolUser/addNewUser' endpoint, using network-level controls such as firewalls or VPNs.
2. Implement Web Application Firewall (WAF) rules to detect and block unauthorized requests targeting this endpoint.
3. Conduct a thorough audit of existing user accounts to identify any unauthorized administrator accounts and remove them.
4. Monitor logs for suspicious activity related to user creation or privilege escalation attempts.
5. Engage with Melis Technology for official patches or updates and apply them as soon as they become available.
6. If patching is delayed, consider deploying custom authorization checks or reverse proxies to enforce authentication on vulnerable endpoints.
7. Educate system administrators about this vulnerability and enforce strict credential management and multi-factor authentication for all administrative accounts.
8. Regularly review and update incident response plans to include scenarios involving unauthorized administrative access.
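A log-scanning check for steps 3 and 4 above, added here as an example and not code from Melis Technology or this advisory. It assumes a combined-format (Apache/nginx) access log and treats two RFC 1918 ranges as the only networks from which administrators legitimately use the tool; the sample log lines are constructed.

```python
import re
from ipaddress import ip_address, ip_network

# Endpoint named in the advisory; everything else here is constructed.
ENDPOINT = "/melis/MelisCore/ToolUser/addNewUser"
# Assumption: admins only ever reach the tool from these internal ranges.
TRUSTED_NETS = [ip_network("10.0.0.0/8"), ip_network("192.168.0.0/16")]

# Apache/nginx "combined" access-log format (assumed log layout).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def parse_line(line):
    """Return the named fields of one combined-format line, or None."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def classify(entry):
    """Label one parsed entry; None means it did not touch the endpoint."""
    path = entry["path"].split("?", 1)[0].rstrip("/")
    if path != ENDPOINT:
        return None
    external = not any(ip_address(entry["ip"]) in n for n in TRUSTED_NETS)
    if external and entry["status"].startswith("2"):
        return "CRITICAL"  # outside request was accepted: audit admin accounts now
    if external:
        return "HIGH"      # outside attempt that was rejected or failed
    return "INFO"          # internal use; reconcile against approved admin changes

def scan(lines):
    """Return (label, ip, timestamp, status) for every hit on the endpoint."""
    findings = []
    for line in lines:
        entry = parse_line(line)
        label = classify(entry) if entry else None
        if label:
            findings.append((label, entry["ip"], entry["ts"], entry["status"]))
    return findings

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [08/Oct/2025:11:02:13 +0000] "POST /melis/MelisCore/ToolUser/addNewUser HTTP/1.1" 200 312 "-" "python-requests/2.32"',
    '203.0.113.7 - - [08/Oct/2025:11:02:20 +0000] "POST /melis/MelisCore/ToolUser/addNewUser HTTP/1.1" 403 153 "-" "python-requests/2.32"',
    '10.1.2.3 - - [08/Oct/2025:11:05:41 +0000] "POST /melis/MelisCore/ToolUser/addNewUser?x=1 HTTP/1.1" 200 312 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [08/Oct/2025:11:06:02 +0000] "GET /melis/ HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]
```

Run scan() over the lines of the real access log; any CRITICAL finding means an externally sourced request to the endpoint was accepted, so the administrator-account audit in step 3 is overdue.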


Technical Details

Data Version: 5.1
Assigner Short Name: INCIBE
Date Reserved: 2025-09-12T10:35:02.488Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 68e642d5f468503fc453c25b

Added to database: 10/8/2025, 10:54:13 AM

Last enriched: 12/22/2025, 6:41:47 PM

Last updated: 1/7/2026, 8:49:12 AM