CVE-2025-58059: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in valtimo-platform valtimo-backend-libraries
Valtimo is a platform for Business Process Automation. In versions before 12.16.0.RELEASE, and from 13.0.0.RELEASE to before 13.1.2.RELEASE, any admin that can create or modify and execute process definitions could gain access to sensitive data or resources. This includes but is not limited to: running executables on the application host, inspecting and extracting data from the host environment or application properties, and Spring beans (application context, database pooling). The following conditions have to be met in order to perform this attack: the user must be logged in, have the admin role, and must have some knowledge about running scripts via the Camunda/Operator engine. Versions 12.16.0 and 13.1.2 have been patched. It is strongly advised to upgrade. If no scripting is needed in any of the processes, it could be possible to disable it altogether via the ProcessEngineConfiguration. However, this workaround could lead to unexpected side effects.
AI Analysis
Technical Summary
CVE-2025-58059 is a critical OS command injection vulnerability (CWE-78) found in the valtimo-backend-libraries component of the Valtimo platform, a business process automation solution. The vulnerability affects versions prior to 12.16.0.RELEASE and versions from 13.0.0.RELEASE up to but not including 13.1.2.RELEASE. It allows an authenticated user with admin privileges who can create, modify, and execute process definitions to execute arbitrary OS commands on the host running the application. This is possible because of improper neutralization of special elements in OS commands within the process execution engine, specifically leveraging scripting capabilities via the Camunda/Operator engine. Exploitation can lead to full compromise of confidentiality, integrity, and availability of the host system and application environment. Attackers could run arbitrary executables, extract sensitive data from the host environment, application properties, and even inspect internal Spring beans such as application context and database connection pools. The vulnerability requires the attacker to be authenticated with admin rights and have some knowledge of scripting within the process engine. The vendor has patched this issue in versions 12.16.0 and 13.1.2. As a temporary mitigation, disabling scripting via ProcessEngineConfiguration is possible but may cause unexpected side effects. The CVSS v3.1 base score is 9.1, reflecting the critical nature of this vulnerability with network attack vector, low attack complexity, high privileges required, no user interaction, and complete impact on confidentiality, integrity, and availability. No known exploits are currently reported in the wild.
Potential Impact
For European organizations using the Valtimo platform for business process automation, this vulnerability poses a severe risk. Successful exploitation could lead to unauthorized execution of arbitrary commands on critical backend servers, resulting in data breaches, unauthorized data exfiltration, disruption of business processes, and potential lateral movement within the network. Given the administrative privileges required, insider threats or compromised admin accounts are the most likely attack vectors. The ability to access sensitive configuration and environment data could facilitate further attacks or espionage. Disruption of automated business processes could impact operational continuity, regulatory compliance, and customer trust. Organizations in sectors with stringent data protection requirements, such as finance, healthcare, and government, are particularly vulnerable to the confidentiality and integrity impacts. The critical severity and broad impact on confidentiality, integrity, and availability make prompt remediation essential to prevent potentially devastating consequences.
Mitigation Recommendations
1. Immediately upgrade to Valtimo platform version 12.16.0 or 13.1.2 (or later) to apply the official patches addressing this vulnerability.
2. If upgrading is not immediately feasible, disable scripting capabilities in the process engine via ProcessEngineConfiguration to prevent execution of arbitrary scripts, while carefully testing for any side effects on business processes.
3. Restrict admin role assignments strictly to trusted personnel and enforce strong authentication mechanisms, including multi-factor authentication, to reduce the risk of credential compromise.
4. Monitor logs for unusual process definition creations or executions, especially those involving scripting or command execution patterns.
5. Implement network segmentation and host-based controls to limit the impact of potential command execution on critical infrastructure.
6. Conduct security awareness training for administrators on risks related to scripting and process definition management.
7. Regularly audit and review process definitions and scripts for unauthorized or suspicious changes.
8. Employ runtime application self-protection (RASP) or endpoint detection and response (EDR) solutions to detect and block anomalous command execution attempts at the host level.
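As an added example (not Valtimo's or Camunda's own code), a small Python audit helper for recommendations 1 and 7 above: it checks whether a reported Valtimo version falls inside the advisory's affected ranges and lists the script tasks and script listeners in a deployed BPMN process definition so they can be reviewed before scripting is disabled. The BPMN document is constructed for the example; the BPMN and Camunda extension namespaces and element names are the standard ones.

```python
# Audit helper for CVE-2025-58059 (added example, not Valtimo code).
import re
import xml.etree.ElementTree as ET

BPMN = "{http://www.omg.org/spec/BPMN/20100524/MODEL}"
CAMUNDA = "{http://camunda.org/schema/1.0/bpmn}"

def parse_version(version: str) -> tuple:
    """'12.15.0.RELEASE' -> (12, 15, 0); the .RELEASE suffix is ignored."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    return tuple(int(x) for x in m.groups())

def is_affected(version: str) -> bool:
    """Affected ranges from the advisory: < 12.16.0 and 13.0.0 <= v < 13.1.2."""
    v = parse_version(version)
    return v < (12, 16, 0) or (13, 0, 0) <= v < (13, 1, 2)

def find_script_usage(bpmn_xml: str) -> list:
    """One finding per BPMN scriptTask or Camunda script listener (inline
    expressions are deliberately out of scope for this check)."""
    root = ET.fromstring(bpmn_xml)
    findings = []
    for task in root.iter(BPMN + "scriptTask"):
        findings.append(f"scriptTask id={task.get('id')} format={task.get('scriptFormat')}")
    for kind in ("executionListener", "taskListener"):
        for listener in root.iter(CAMUNDA + kind):
            script = listener.find(CAMUNDA + "script")  # <camunda:script> child
            if script is not None:
                findings.append(f"{kind} event={listener.get('event')} "
                                f"format={script.get('scriptFormat')}")
    return findings

# Constructed sample deployment: one script listener and one script task.
SAMPLE_BPMN = """<bpmn:definitions xmlns:bpmn="http://www.omg.org/spec/BPMN/20100524/MODEL"
    xmlns:camunda="http://camunda.org/schema/1.0/bpmn" id="defs">
  <bpmn:process id="order-handling" isExecutable="true">
    <bpmn:startEvent id="start"><bpmn:extensionElements>
      <camunda:executionListener event="start">
        <camunda:script scriptFormat="groovy">println 'started'</camunda:script>
      </camunda:executionListener>
    </bpmn:extensionElements></bpmn:startEvent>
    <bpmn:scriptTask id="calc-total" scriptFormat="javascript">
      <bpmn:script>execution.setVariable('total', 1)</bpmn:script>
    </bpmn:scriptTask>
    <bpmn:userTask id="approve"/>
  </bpmn:process>
</bpmn:definitions>"""
```

Run `find_script_usage` over every BPMN file in a deployment and `is_affected` over the running version; an empty findings list on an affected version is the precondition under which disabling scripting (recommendation 2) is least likely to break a process.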
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Belgium, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-08-22T14:30:32.222Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68b099c9ad5a09ad006eacd7
Added to database: 8/28/2025, 6:02:49 PM
Last enriched: 8/28/2025, 6:17:48 PM
Last updated: 8/29/2025, 12:34:44 AM
Related Threats
- CVE-2025-9600: SQL Injection in itsourcecode Apartment Management System (Medium)
- CVE-2025-9599: SQL Injection in itsourcecode Apartment Management System (Medium)
- CVE-2025-43284: An app may be able to cause unexpected system termination in Apple macOS (Unknown)
- CVE-2025-43268: A malicious app may be able to gain root privileges in Apple macOS (Unknown)
- CVE-2025-43255: An app may be able to cause unexpected system termination in Apple macOS (Unknown)