
CVE-2025-4377: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Sparx Systems Pro Cloud Server

Severity: High
Tags: Vulnerability, CVE-2025-4377, CWE-22, CWE-20
Published: Fri May 09 2025 (05/09/2025, 05:12:59 UTC)
Source: CVE
Vendor/Project: Sparx Systems
Product: Pro Cloud Server

Description

Improper limitation of a pathname causes a path traversal vulnerability in Sparx Systems Pro Cloud Server. The vulnerability is present in logview.php and allows reading arbitrary files on the filesystem. Logview is accessible from the Pro Cloud Server Configuration interface. This issue affects Pro Cloud Server versions earlier than 6.0.165.

AI-Powered Analysis

AI analysis last updated: 07/05/2025, 02:56:12 UTC

Technical Analysis

CVE-2025-4377 is a high-severity vulnerability affecting Sparx Systems Pro Cloud Server versions earlier than 6.0.165. The root cause is an improper limitation of a pathname to a restricted directory, classified under CWE-22 (Path Traversal) and CWE-20 (Improper Input Validation). Specifically, the vulnerability exists in the logview.php component, which is part of the Pro Cloud Server Configuration interface. This flaw allows an attacker with authenticated access and high privileges (as indicated by the CVSS vector requiring PR:H) to manipulate the pathname input parameters to read arbitrary files on the underlying filesystem. The vulnerability does not require user interaction and can be exploited remotely over the network (AV:N). The impact on confidentiality is high since sensitive files can be exposed, while integrity and availability impacts are low to limited. The vulnerability scope is high, affecting the entire Pro Cloud Server installation, and the attack complexity is low, given the lack of additional conditions or user interaction. No known exploits are currently reported in the wild, but the presence of this vulnerability in a server product used for enterprise modeling and collaboration poses a significant risk if left unpatched.

Potential Impact

For European organizations using Sparx Systems Pro Cloud Server, this vulnerability could lead to unauthorized disclosure of sensitive configuration files, credentials, or other critical data stored on the server. Since Pro Cloud Server is often used in software development, systems engineering, and enterprise architecture environments, exposure of internal project data or infrastructure details could facilitate further targeted attacks, including lateral movement within networks. The requirement for high privilege authentication reduces the risk from external attackers without credentials but raises concerns about insider threats or compromised accounts. The breach of confidentiality could also lead to compliance violations under GDPR if personal or sensitive data is exposed. Additionally, the loss of trust and potential operational disruptions during incident response could have financial and reputational consequences for affected organizations.

Mitigation Recommendations

Organizations should immediately upgrade Sparx Systems Pro Cloud Server to version 6.0.165 or later, where this vulnerability is addressed. Until patching is possible, restrict access to the Pro Cloud Server Configuration interface to trusted administrators only, ideally through network segmentation and VPNs. Implement strict access controls and monitor authentication logs for suspicious activity indicating potential misuse of privileged accounts. Employ web application firewalls (WAFs) with custom rules to detect and block path traversal attempts targeting logview.php. Conduct regular security audits and penetration tests focusing on input validation weaknesses. Additionally, enforce the principle of least privilege for all user accounts and consider multi-factor authentication (MFA) to reduce the risk of credential compromise. Finally, maintain up-to-date backups and incident response plans tailored to potential data exposure scenarios.
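As an added example (not from the advisory and not Sparx Systems' code), the following Python detector implements the log-monitoring recommendation above: it flags requests to logview.php whose query string carries a `..` path segment, including percent-encoded and double-encoded forms. The access log lines and the parameter name `file` are constructed for illustration, since the advisory does not name the vulnerable parameter.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed sample lines in Apache combined log format; not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - admin [09/May/2025:10:01:02 +0000] "GET /logview.php?file=server.log HTTP/1.1" 200 5120
10.0.0.5 - admin [09/May/2025:10:01:09 +0000] "GET /logview.php?file=../../../../etc/passwd HTTP/1.1" 200 1842
10.0.0.7 - admin [09/May/2025:10:02:15 +0000] "GET /logview.php?file=..%2F..%2Fconfig.ini HTTP/1.1" 200 903
10.0.0.9 - - [09/May/2025:10:03:00 +0000] "GET /index.php HTTP/1.1" 200 1200
10.0.0.7 - admin [09/May/2025:10:04:44 +0000] "GET /logview.php?file=%252e%252e/secret.txt HTTP/1.1" 200 77
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def normalize(value, max_rounds=3):
    """Percent-decode until stable (catches double encoding) and unify separators."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")

def is_traversal(value):
    """True if any path segment of the normalized value is '..'."""
    return any(seg == ".." for seg in normalize(value).split("/"))

def find_traversal_attempts(log_text):
    """One record per logview.php request with a '..' segment in any query parameter.
    A 200 status on such a request suggests the read succeeded and should be escalated."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if not url.path.lower().endswith("/logview.php"):
            continue
        for param, raw in parse_qsl(url.query, keep_blank_values=True):
            if is_traversal(raw):
                hits.append({"ip": m["ip"], "user": m["user"], "ts": m["ts"],
                             "param": param, "decoded": normalize(raw),
                             "status": int(m["status"])})
    return hits

if __name__ == "__main__":
    for h in find_traversal_attempts(SAMPLE_LOG):
        print(f'{h["ts"]} {h["ip"]} user={h["user"]} {h["param"]}={h["decoded"]} -> {h["status"]}')
```

The detector only inspects the query string, so a vendor WAF rule or a post-patch audit should still review POST bodies and any other input the page's Configuration interface accepts.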


Technical Details

Data Version: 5.1
Assigner Short Name: NCSC-FI
Date Reserved: 2025-05-06T05:21:12.322Z
CISA Enriched: true
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 682d9818c4522896dcbd7b10

Added to database: 5/21/2025, 9:08:40 AM

Last enriched: 7/5/2025, 2:56:12 AM

Last updated: 8/8/2025, 12:04:06 PM

Views: 16
