CVE-2025-25652 is a directory traversal vulnerability identified in Eptura Archibus version 2024.03.01.109, specifically within the "Run script" and "Server File" components of the Database Update Wizard. Directory traversal (CWE-22) vulnerabilities occur when an application fails to properly sanitize user-supplied file path inputs, allowing attackers to navigate outside the intended directory structure and access arbitrary files on the server. In this case, the vulnerability can be exploited remotely without authentication or user interaction, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N). The impact is primarily on confidentiality, enabling attackers to read sensitive files that may contain configuration data, credentials, or other critical information. The vulnerability does not affect integrity or availability, meaning attackers cannot modify files or disrupt service directly through this flaw. Although no public exploits have been reported yet, the ease of exploitation and the high confidentiality impact make this a serious threat. The affected software, Eptura Archibus, is widely used in facility and real estate management for database updates and automation tasks, making the vulnerability relevant to organizations relying on this platform for critical operations.

For European organizations, the primary impact of CVE-2025-25652 is unauthorized disclosure of sensitive information stored on servers running the vulnerable Archibus version. This could include configuration files, user credentials, or proprietary data, potentially leading to further compromise or data breaches. Facility management and real estate companies, as well as public sector entities using Archibus for infrastructure management, could face operational risks and reputational damage. The vulnerability's remote and unauthenticated nature increases the risk of widespread exploitation, especially if attackers develop public exploits. Confidentiality breaches could also lead to regulatory consequences under GDPR if personal or sensitive data is exposed. Since integrity and availability are not directly impacted, the threat is less likely to cause immediate operational disruption but remains critical due to data exposure risks.

Currently, no official patches are listed, so organizations should monitor vendor advisories closely for updates. In the interim, implement strict input validation and sanitization on all user-supplied file path parameters within the Database Update Wizard components to block directory traversal sequences (e.g., ../). Restrict file system permissions to limit the application’s access to only necessary directories and files, minimizing the potential exposure surface. Employ network-level controls such as web application firewalls (WAFs) with custom rules to detect and block directory traversal attempts. Conduct thorough audits of server file permissions and logs to identify any suspicious access patterns. Additionally, isolate the Archibus server within a segmented network zone to reduce exposure to external threats. Educate system administrators on the risks and ensure rapid incident response capabilities are in place to address any exploitation attempts.