
CVE-2025-62487: The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions. Affected product: Palantir com.palantir.acme:gotham-default-apps-bundle

Severity: Low
Type: Vulnerability
Published: Fri Jan 09 2026 (01/09/2026, 21:17:37 UTC)
Source: CVE Database V5
Vendor/Project: Palantir
Product: com.palantir.acme:gotham-default-apps-bundle

Description

On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-end app were not being marked correctly with the proper security levels. The regression was traced back to a change in May 2025, which was meant to allow file uploads to be shared among different artifacts (e.g. other dossiers and presentations). On deployments configured with CBAC, the front-end would present a security picker dialog to set the security level on the uploads, thereby mitigating the issue. On deployments without a CBAC configuration, no security picker dialog appears, leading to a security level of CUSTOM with no markings or datasets selected. The resulting markings and groups for the file uploads thus will be only those added by the default authorization rules defined in the Auth Chooser configuration. On most environments, it is expected that the default authorization rules only add the Everyone group.

AI-Powered Analysis

AI analysis last updated: 01/17/2026, 07:35:56 UTC

Technical Analysis

CVE-2025-62487 is a security vulnerability identified in Palantir's Gotham Default Apps Bundle (version 100.30250502.0) affecting the authorization mechanism for image uploads through the Dossier front-end application. The issue originated from a regression introduced in May 2025 intended to enable file sharing across different artifacts such as dossiers and presentations. In deployments configured with Context-Based Access Control (CBAC), a security picker dialog prompts users to assign appropriate security levels to uploaded files, mitigating the risk. However, in environments lacking CBAC configuration, this dialog does not appear, causing uploaded images to be assigned a default CUSTOM security level without proper markings or dataset associations. Consequently, the authorization rules applied default to granting access to the Everyone group, effectively bypassing intended access restrictions. This flaw allows actors with limited privileges to access files beyond their authorization scope, undermining confidentiality. The vulnerability requires the attacker to have some privileges (PR:L) and user interaction (UI:R) but does not impact integrity or availability. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N/CR:H/IR:H/AR:H) reflects a low severity rating with a low impact on confidentiality and no impact on integrity or availability. No public exploits have been reported, and Palantir has acknowledged the issue. The root cause is a missing or incorrect authorization check due to the absence of CBAC configuration, highlighting the importance of proper security policy enforcement in multi-tenant or shared artifact environments.
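The marking behaviour described above, reduced to a small model so the failure mode and an audit check can be exercised. This is an added example, not Palantir code: Upload, mark_upload, is_effectively_public, audit_uploads and check_default_rules are hypothetical names, and the sample uploads are constructed.

```python
from dataclasses import dataclass

EVERYONE = "Everyone"  # the group the default Auth Chooser rules are expected to add


@dataclass
class Upload:
    upload_id: str
    security_level: str              # "CUSTOM" or the level chosen in the security picker
    markings: frozenset = frozenset()
    datasets: frozenset = frozenset()
    groups: frozenset = frozenset()  # groups granted by the default authorization rules


def mark_upload(upload_id, cbac_configured, picker_choice=None,
                default_rules=(EVERYONE,)):
    """Hypothetical model of the regression: with CBAC the security picker supplies
    (level, markings, datasets); without CBAC no dialog is shown, so the upload ends
    up CUSTOM with nothing selected and only the default rules decide who can see it."""
    if cbac_configured and picker_choice is not None:
        level, markings, datasets = picker_choice
    else:
        level, markings, datasets = "CUSTOM", (), ()
    return Upload(upload_id, level, frozenset(markings), frozenset(datasets),
                  frozenset(default_rules))


def is_effectively_public(u: Upload) -> bool:
    """True when no markings or datasets constrain access and the only group is Everyone."""
    return not u.markings and not u.datasets and u.groups == frozenset({EVERYONE})


def audit_uploads(uploads):
    """Return ids of uploads whose effective access reduces to the Everyone group."""
    return [u.upload_id for u in uploads if is_effectively_public(u)]


def check_default_rules(default_rules):
    """Flag a default-rule set that grants Everyone, the permissive default worth tightening."""
    return EVERYONE in set(default_rules)


if __name__ == "__main__":
    # constructed sample: one upload from a CBAC deployment, one from a deployment without CBAC
    sample = [
        mark_upload("img-1", cbac_configured=True,
                    picker_choice=("RESTRICTED", {"HR"}, {"hr-dataset"})),
        mark_upload("img-2", cbac_configured=False),
    ]
    print(audit_uploads(sample))  # ['img-2']
```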

Potential Impact

For European organizations using Palantir Gotham Default Apps Bundle, this vulnerability could lead to unauthorized disclosure of sensitive or confidential information contained in uploaded images. Since the default authorization rules often grant access to the Everyone group, files intended to be restricted could be exposed broadly within the organization or even to external users if network segmentation is weak. This exposure risks violating data protection regulations such as GDPR, potentially resulting in legal and reputational damage. The impact is primarily on confidentiality, with no direct effect on data integrity or system availability. Organizations relying on CBAC configurations are less affected, but those without it or with misconfigured authorization policies face increased risk. The requirement for some privileges and user interaction limits the threat to insider actors or users with limited access, rather than external unauthenticated attackers. However, given Palantir's use in critical sectors including government, defense, and intelligence across Europe, even limited unauthorized access could have serious operational and strategic consequences.

Mitigation Recommendations

European organizations should immediately verify whether their Palantir Gotham deployments use CBAC configurations. If not configured, they should enable CBAC to ensure the security picker dialog appears and correct security levels are assigned to uploads. Review and tighten the default authorization rules in the Auth Chooser configuration to avoid overly permissive access such as granting Everyone group rights by default. Implement strict role-based access controls and audit logs to monitor file uploads and access patterns. Conduct thorough testing after applying any patches or configuration changes to confirm that security markings are correctly applied. Additionally, restrict upload privileges to trusted users and consider network segmentation to limit exposure of sensitive data. Engage with Palantir support for any available patches or updates addressing this regression. Finally, provide user training to raise awareness about the importance of correctly setting security levels on uploaded content.


Technical Details

Data Version: 5.2
Assigner Short Name: Palantir
Date Reserved: 2025-10-15T00:02:28.438Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 696175d145ea0302aa963f5a

Added to database: 1/9/2026, 9:40:33 PM

Last enriched: 1/17/2026, 7:35:56 AM

Last updated: 2/7/2026, 6:55:06 AM

Views: 66
