CVE-2025-55372 is an arbitrary file upload vulnerability affecting the Beakon Application prior to version 5.4.3. This vulnerability allows an unauthenticated attacker to upload a crafted file to the application, which can then be executed to run arbitrary code on the affected system. The vulnerability is categorized under CWE-77, which relates to improper neutralization of special elements used in a command ('Command Injection'). The CVSS v3.1 base score is 5.3 (medium severity), with the vector indicating that the attack can be performed remotely (AV:N), requires low attack complexity (AC:L), does not require privileges (PR:N), and no user interaction (UI:N). The impact is limited to integrity (I:L) with no confidentiality (C:N) or availability (A:N) impact. No known exploits are currently reported in the wild, and no patch links are provided, suggesting that remediation may still be pending or not publicly available. The vulnerability allows attackers to execute arbitrary code by uploading malicious files, which could lead to unauthorized command execution within the context of the application, potentially compromising the system or furthering lateral movement within a network.

For European organizations using Beakon Application versions prior to 5.4.3, this vulnerability poses a moderate risk. Successful exploitation could allow attackers to execute arbitrary code remotely without authentication or user interaction, potentially leading to unauthorized system manipulation or data tampering. While confidentiality and availability impacts are not directly indicated, the integrity compromise could affect critical business processes or data accuracy. Organizations in sectors with high reliance on Beakon Application, such as industrial control, logistics, or enterprise management, may face operational disruptions or reputational damage if exploited. The lack of known exploits reduces immediate risk, but the ease of exploitation and remote attack vector mean that attackers could develop exploits rapidly once the vulnerability details are widely known. European organizations should be vigilant, especially those with internet-facing Beakon Application deployments.

1. Immediate upgrade to Beakon Application version 5.4.3 or later once available, as this version addresses the vulnerability. 2. Until patching is possible, restrict access to the Beakon Application upload functionality by implementing network-level controls such as IP whitelisting or VPN access to limit exposure. 3. Employ web application firewalls (WAFs) with custom rules to detect and block suspicious file upload patterns or command injection attempts. 4. Conduct thorough input validation and sanitization on file uploads, ensuring only allowed file types and sizes are accepted. 5. Monitor application logs and network traffic for unusual file upload activities or execution of unexpected commands. 6. Implement strict file system permissions to limit the execution capabilities of uploaded files and isolate the application environment. 7. Educate system administrators and security teams about this vulnerability to ensure rapid response and incident handling if exploitation is suspected.