CVE-2025-13791: Path Traversal in Scada-LTS
A vulnerability was identified in Scada-LTS up to 2.7.8.1. Affected is the function Common.getHomeDir of the file br/org/scadabr/vo/exporter/ZIPProjectManager.java of the component Project Import. Manipulation of the input path leads to path traversal. The attack may be launched remotely. An exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2025-13791 is a path traversal vulnerability in Scada-LTS, an open-source SCADA platform widely used for industrial control and monitoring. The flaw lies in the Common.getHomeDir method in the ZIPProjectManager.java file, part of the Project Import functionality. An attacker can inject traversal sequences (e.g., ../) into a file path so that the import reaches files and directories outside the intended home directory. The vulnerability can be exploited remotely without user interaction and requires only low-level privileges, which puts it within reach of a broad range of attackers. The CVSS 4.0 base score is 5.3 (medium), reflecting moderate impact on confidentiality, integrity, and availability with no user interaction required. Exploitation could lead to unauthorized reading or modification of sensitive files, potentially disrupting SCADA operations or leaking configuration data. The vendor has not responded to early disclosure attempts, and no official patches or mitigations have been published, so organizations must rely on their own defensive measures for now. Exploit code is publicly available, which raises the risk of exploitation in the wild even though no active attacks have been reported.
Potential Impact
For European organizations, particularly those operating critical infrastructure such as energy, water, and manufacturing sectors that rely on SCADA systems like Scada-LTS, this vulnerability poses a significant risk. Unauthorized file access could lead to leakage of sensitive operational data or manipulation of configuration files, potentially causing system misconfigurations or downtime. While the vulnerability does not allow full system compromise directly, it can serve as a foothold for further attacks, including lateral movement within industrial networks. The medium severity rating indicates that while immediate catastrophic failures are unlikely, the disruption of industrial processes or exposure of proprietary information could have serious operational and financial consequences. Given Europe's strong regulatory environment around critical infrastructure protection, exploitation could also lead to compliance violations and reputational damage.
Mitigation Recommendations
Since no official patch is available, European organizations should implement the following specific mitigations:
1) Restrict network access to the Scada-LTS Project Import service using firewalls and network segmentation to limit exposure to trusted administrators only.
2) Employ strict input validation and sanitization at the application or proxy level to detect and block path traversal payloads.
3) Monitor file system access logs for unusual or unauthorized file reads/writes outside expected directories, using SIEM or specialized ICS monitoring tools.
4) Implement application-layer access controls to restrict file operations to authorized users and processes.
5) Regularly back up SCADA configurations and data to enable recovery in case of tampering.
6) Engage with the vendor or community to track patch releases and apply updates promptly once available.
7) Conduct security awareness training for ICS operators to recognize and report suspicious activity.
8) Consider deploying host-based intrusion detection systems (HIDS) on SCADA servers to detect anomalous file system activity related to path traversal attempts.
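Mitigations 2 and 3 both come down to one check: an untrusted relative path (such as an entry name from an imported project ZIP, or a path parameter seen in a proxy log) must resolve to a location inside the configured home directory. The following is an added example written for this page, not code from Scada-LTS; the base directory and the sample entry names are constructed.

```python
"""Containment check for untrusted relative paths, plus a cheap payload
detector usable on proxy/SIEM log fields. Added example, not Scada-LTS code."""
import os
import posixpath
from typing import Optional
from urllib.parse import unquote


def looks_like_traversal(raw: str) -> bool:
    """Detector for log/proxy fields: undo up to two layers of percent-encoding,
    treat backslashes as separators, and flag any '..' path segment."""
    s = raw
    for _ in range(2):
        s = unquote(s)
    s = s.replace("\\", "/")
    return any(seg == ".." for seg in s.split("/"))


def resolve_within(base_dir: str, untrusted: str) -> Optional[str]:
    """Return the absolute path of `untrusted` joined under `base_dir`, or None
    if it would escape via '..', an absolute path, a drive letter or a symlink."""
    if not untrusted or untrusted.startswith(("/", "\\")) or ":" in untrusted[:2]:
        return None
    normalized = posixpath.normpath(untrusted.replace("\\", "/"))
    if normalized == ".." or normalized.startswith("../"):
        return None
    base = os.path.realpath(base_dir)          # follow symlinks on the base too
    target = os.path.realpath(os.path.join(base, normalized))
    # commonpath avoids the classic prefix bug (home vs home2)
    if os.path.commonpath([base, target]) != base:
        return None
    return target


if __name__ == "__main__":
    HOME = "/opt/scada/home"                   # constructed base directory
    # Constructed ZIP entry names as a project-import routine might see them.
    for name in ["projects/p1.xml", "a/../b.xml", "../../outside.xml",
                 "/abs/outside.xml", "..\\..\\outside.xml"]:
        verdict = resolve_within(HOME, name)
        print(f"{name!r:28} -> {'REJECT' if verdict is None else verdict}")
```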
Affected Countries
Germany, France, United Kingdom, Italy, Netherlands, Spain, Poland, Belgium, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulDB
- Date Reserved: 2025-11-29T20:33:41.040Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 692c6a32979ac8a99b70b707
Added to database: 11/30/2025, 4:00:50 PM
Last enriched: 12/7/2025, 5:07:52 PM
Last updated: 1/19/2026, 8:43:35 AM