CVE-2025-58986 is a missing authorization vulnerability identified in the ganddser Jock On Air Now (JOAN) software, affecting versions up to and including 6.0.4. This vulnerability arises from incorrectly configured access control security levels, allowing users with high privileges to bypass authorization checks improperly. Specifically, the flaw permits these authenticated users to perform unauthorized actions that compromise the confidentiality and integrity of the system's data. The vulnerability does not affect system availability. The CVSS 3.1 base score is 6.5, indicating a medium severity level, with an attack vector of network (AV:N), low attack complexity (AC:L), requiring high privileges (PR:H), no user interaction (UI:N), unchanged scope (S:U), and high impact on confidentiality and integrity (C:H/I:H), but no impact on availability (A:N). No public exploits have been reported yet, and no patches are currently linked, suggesting organizations must proactively audit and harden access controls. The vulnerability is particularly relevant for environments where JOAN is used for broadcast automation or media content management, as unauthorized access could lead to data leakage or manipulation of broadcast content.

For European organizations, especially those in the media and broadcasting sectors using JOAN software, this vulnerability poses a significant risk to the confidentiality and integrity of sensitive broadcast content and operational data. Unauthorized actions by high-privilege users could lead to data breaches, manipulation of broadcast schedules, or unauthorized content insertion, potentially damaging brand reputation and causing regulatory compliance issues under GDPR. While availability is not impacted, the breach of confidentiality and integrity could disrupt business operations and trust. The requirement for high privilege and authentication limits the threat to insiders or compromised accounts, but insider threats or credential theft remain critical concerns. Organizations with integrated broadcast and IT infrastructure could see cascading effects if attackers leverage this vulnerability to move laterally or escalate privileges further.

European organizations should immediately audit and review access control configurations within JOAN to ensure that privilege levels are correctly enforced and that no unauthorized actions can be performed by high-privilege users beyond their intended scope. Implement strict role-based access control (RBAC) policies and regularly review user privileges, especially for administrative accounts. Monitor logs for unusual or unauthorized activities by privileged users. Although no patches are currently available, organizations should maintain close contact with the vendor for updates and apply patches promptly once released. Employ multi-factor authentication (MFA) for all privileged accounts to reduce the risk of credential compromise. Network segmentation and limiting administrative access to trusted networks can further reduce exploitation risk. Conduct regular security awareness training to mitigate insider threats and enforce the principle of least privilege throughout the organization.