CVE-2025-30978: CWE-862 Missing Authorization in Dor Zuberi Slack Notifications by dorzki
Missing Authorization vulnerability in Dor Zuberi Slack Notifications by dorzki allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Slack Notifications by dorzki: from n/a through 2.0.7.
AI Analysis
Technical Summary
CVE-2025-30978 is classified under CWE-862 (Missing Authorization). The flaw exists in Slack Notifications by dorzki and affects versions through 2.0.7. It stems from incorrectly configured access control security levels, so an attacker holding limited privileges (PR:L) can reach the affected functionality remotely over the network (AV:N) with no user interaction required (UI:N). The vulnerability does not impact confidentiality or integrity; its effect is on availability, by potentially disrupting the notification service. The CVSS 3.1 base score is 4.3, a medium severity level. In practice, missing authorization means that certain actions or data within the Slack Notifications app could be accessed or triggered by users who do not hold the permissions those actions are meant to require, which could lead to denial of service or interference with normal notification workflows. No patches or known exploits in the wild had been reported as of the publication date (June 6, 2025). The vulnerability matters because Slack integrations are widely used for business communications and operational alerts, and improper access control could undermine trust in these notifications or cause operational disruptions.
Potential Impact
For European organizations, this vulnerability could disrupt critical communication channels that rely on Slack notifications, potentially delaying incident response or operational decision-making. While it does not directly expose sensitive data or allow data manipulation, a denial of service or unauthorized triggering of notifications could cause confusion or operational inefficiencies. Organizations in sectors such as finance, healthcare, and critical infrastructure that depend heavily on Slack for real-time alerts may experience degraded service quality or missed alerts. Furthermore, the medium severity combined with remote exploitability at low privilege means that attackers could use this vulnerability as part of a broader attack chain, possibly as a stepping stone to more impactful intrusions. The absence of a user-interaction requirement makes automated exploitation attempts easier, increasing risk. Given the reliance on Slack integrations in European enterprises, this vulnerability could affect business continuity and operational resilience if left unmitigated.
Mitigation Recommendations
To mitigate CVE-2025-30978, organizations should first verify whether they use the Slack Notifications by dorzki app, particularly versions up to 2.0.7. Since no official patches are currently available, administrators should consider temporarily disabling or removing the vulnerable integration until a fix is released. Review and tighten access control configurations within Slack and the integration settings to ensure that only authorized users and systems can trigger or receive notifications. Implement monitoring and alerting for unusual notification activity that could indicate exploitation attempts. Employ network segmentation and least-privilege principles to limit the exposure of the Slack integration endpoints. Additionally, coordinate with the vendor (Dor Zuberi) for updates or patches and subscribe to vulnerability advisories so fixes can be applied promptly once available. Conduct internal audits of Slack app permissions and regularly review third-party app usage to minimize the attack surface.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: Patchstack
- Date Reserved: 2025-03-26T09:22:34.906Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6842eddd71f4d251b5c88029
Added to database: 6/6/2025, 1:32:13 PM
Last enriched: 7/8/2025, 3:40:13 AM
Last updated: 8/3/2025, 12:17:39 AM
Related Threats
- CVE-2025-8989: SQL Injection in SourceCodester COVID 19 Testing Management System (Medium)
- CVE-2025-8988: SQL Injection in SourceCodester COVID 19 Testing Management System (Medium)
- CVE-2025-8987: SQL Injection in SourceCodester COVID 19 Testing Management System (Medium)
- CVE-2025-8986: SQL Injection in SourceCodester COVID 19 Testing Management System (Medium)
- CVE-2025-31987: CWE-405 Asymmetric Resource Consumption in HCL Software Connections Docs (Medium)