CVE-2025-2140 identifies an origin validation error (CWE-346) in IBM Engineering Requirements Management Doors Next versions 7.0.2, 7.0.3, and 7.1. The vulnerability arises from improper verification of the source data when processing email sender information, allowing an authenticated user on the network to spoof the sender's email identity. This spoofing can undermine the integrity of email communications generated or managed by the Doors Next platform, potentially facilitating phishing, social engineering, or unauthorized command execution within the context of the application. The vulnerability requires the attacker to have network access and authenticated privileges, but no further user interaction is necessary. The CVSS v3.1 score is 5.7 (medium severity), reflecting the low attack complexity and lack of confidentiality or availability impact, but a high impact on integrity. No public exploits have been reported, and no patches are currently linked, indicating that remediation may be pending or in development. The flaw affects critical engineering requirements management workflows, which could disrupt project integrity and trustworthiness if exploited.

For European organizations, especially those in engineering, manufacturing, aerospace, automotive, and regulated sectors that rely on IBM Doors Next for requirements management, this vulnerability poses a risk to the integrity of internal communications and documentation workflows. Spoofed emails could be used to manipulate project requirements, approvals, or change requests, potentially leading to flawed product development or compliance issues. While confidentiality and availability are not directly impacted, the integrity compromise could result in significant operational and reputational damage. The requirement for authenticated network access limits exposure to internal or trusted network users, but insider threats or compromised credentials could be leveraged. Given the critical role of requirements management in product lifecycle and regulatory compliance, exploitation could have downstream effects on safety, quality, and legal adherence.

Organizations should implement strict network segmentation and access controls to limit authenticated access to IBM Doors Next environments. Monitoring and logging of email-related activities within the platform should be enhanced to detect anomalous sender identities or unusual email patterns. Deploying and enforcing email authentication standards such as SPF, DKIM, and DMARC within the corporate email infrastructure can reduce the impact of spoofed emails. Until official patches are released by IBM, consider applying temporary compensating controls such as restricting email functionalities or disabling email sender spoofing features if configurable. Regularly audit user privileges and enforce strong authentication mechanisms to reduce the risk of credential compromise. Engage with IBM support to obtain timelines for patches and apply them promptly once available. Additionally, conduct user awareness training focused on recognizing suspicious internal emails that may result from spoofing attempts.