CVE-2025-63665 is a critical vulnerability identified in GT Edge AI Community Edition versions before 2.0.12. The flaw arises from improper input validation and unsafe deserialization of JSON data submitted through the Prompt window interface. An attacker can craft a malicious JSON payload that, when processed by the vulnerable software, leads to arbitrary code execution on the host system. This vulnerability is classified under CWE-94 (Improper Control of Generation of Code), indicating that the software dynamically generates or executes code based on untrusted input without sufficient sanitization. The CVSS v3.1 base score of 9.8 reflects the vulnerability's characteristics: it is remotely exploitable over the network (AV:N), requires no privileges (PR:N), no user interaction (UI:N), and impacts confidentiality, integrity, and availability (C:H/I:H/A:H). The vulnerability allows attackers to gain full control over affected systems, potentially leading to data theft, system manipulation, or disruption of AI services. Although no known exploits have been reported in the wild yet, the high severity and straightforward exploitation vector make it a critical risk for organizations relying on GT Edge AI Community Edition. The lack of available patches at the time of disclosure necessitates immediate attention to upgrade to version 2.0.12 or later once available. The vulnerability highlights the importance of secure coding practices, especially in AI platforms that process complex input data.

For European organizations, the impact of CVE-2025-63665 can be severe. Successful exploitation can lead to complete system compromise, allowing attackers to execute arbitrary commands, steal sensitive data, manipulate AI model outputs, or disrupt AI-driven operations. This is particularly critical for industries relying on AI for decision-making, automation, or critical infrastructure management, such as finance, healthcare, manufacturing, and energy sectors. The breach of confidentiality could expose proprietary AI models or personal data protected under GDPR, leading to regulatory penalties and reputational damage. Integrity violations could result in corrupted AI outputs, causing erroneous business decisions or safety risks. Availability impacts could disrupt essential AI services, causing operational downtime. Given the remote and unauthenticated nature of the exploit, attackers can target exposed systems across networks without needing insider access, increasing the threat surface. European organizations with AI deployments using GT Edge AI Community Edition must prioritize remediation to avoid potential espionage, sabotage, or ransomware attacks leveraging this vulnerability.

1. Immediate upgrade to GT Edge AI Community Edition version 2.0.12 or later, where the vulnerability is patched. 2. If patching is not immediately possible, restrict network access to the Prompt window interface using firewalls or network segmentation to limit exposure. 3. Implement strict input validation and sanitization controls on JSON inputs at the application layer to prevent injection of malicious payloads. 4. Employ runtime application self-protection (RASP) or web application firewalls (WAF) capable of detecting and blocking anomalous JSON payloads or suspicious request patterns. 5. Monitor logs and network traffic for unusual activity related to the Prompt window, including unexpected JSON payloads or execution attempts. 6. Conduct security audits and code reviews focusing on deserialization and dynamic code execution paths in AI software components. 7. Educate development and operations teams on secure coding practices to avoid CWE-94 type vulnerabilities in future releases. 8. Maintain up-to-date backups and incident response plans to quickly recover from potential exploitation. 9. Coordinate with GT Edge AI vendor for timely updates and advisories.