CVE-2025-53111: CWE-284: Improper Access Control in glpi-project glpi

Severity: Medium
Tags: Vulnerability, CVE-2025-53111, CWE-284, CWE-862
Published: Wed Jul 30 2025 (07/30/2025, 14:14:25 UTC)
Source: CVE Database V5
Vendor/Project: glpi-project
Product: glpi

Description

GLPI is a Free Asset and IT Management Software package. In versions 0.80 through 10.0.18, a lack of permission checks can result in unauthorized access to some resources. This is fixed in version 10.0.19.

AI-Powered Analysis

Last updated: 07/30/2025, 14:48:42 UTC

Technical Analysis

CVE-2025-53111 is a medium-severity vulnerability affecting GLPI, a widely used free asset and IT management platform. The vulnerability arises from improper access control (CWE-284) and missing authorization checks (CWE-862) in versions from 0.80 up to and including 10.0.18. Specifically, the software does not verify permissions sufficiently, so an authenticated user with limited privileges can gain unauthorized access to certain resources. The vulnerability does not require user interaction and can be exploited remotely over the network (AV:N) with low attack complexity (AC:L). The impact is on confidentiality only: unauthorized users can view data they are not authorized to see, while integrity and availability are unaffected. The vulnerability has been addressed in GLPI version 10.0.19. There are no known exploits in the wild at this time. The CVSS v3.1 base score is 6.5, reflecting medium severity: the confidentiality impact is high, but the scope is unchanged and the attacker must already hold low-privileged credentials.

Potential Impact

For European organizations, this vulnerability poses a significant risk to the confidentiality of IT asset and management data stored in GLPI instances. Unauthorized access could expose internal infrastructure details, asset inventories, user information, or configuration data, any of which could be leveraged for further attacks or espionage. Organizations relying on GLPI for IT service management, particularly in government, healthcare, finance, and critical infrastructure, may face compliance obligations under GDPR and other data protection regulations if personal or sensitive data is exposed. Although the vulnerability does not directly affect system integrity or availability, unauthorized disclosure of confidential information can undermine trust and operational security. Because at least some level of authentication is required, the risk from anonymous attackers is reduced, but the threat from malicious insiders or compromised accounts remains.

Mitigation Recommendations

European organizations using GLPI should urgently upgrade all affected instances to version 10.0.19 or later, where the vulnerability is patched. Until the upgrade can be performed, enforce strict access controls and monitoring on GLPI user accounts, limiting each account's privileges to those required for its job function. Audit user permissions to detect privilege escalation or anomalous access patterns. Use network segmentation and firewall rules to restrict access to GLPI management interfaces to trusted internal networks or VPN users. Enable and review GLPI logging to detect unauthorized access attempts. Consider multi-factor authentication (MFA) for GLPI accounts to reduce the risk of credential compromise, since a compromised low-privileged account is sufficient to exploit this issue. Finally, ensure that incident response plans include procedures for potential data exposure related to this vulnerability.

Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2025-06-25T13:41:23.087Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 688a2d10ad5a09ad00a699ab

Added to database: 7/30/2025, 2:32:48 PM

Last enriched: 7/30/2025, 2:48:42 PM

Last updated: 7/31/2025, 5:36:27 AM
