CVE-2025-65239: n/a
CVE-2025-65239 is a medium-severity vulnerability in OpenCode Systems USSD Gateway OC Release 5, version 6. 13. 11, where improper access control on the /aux1/ocussd/trace endpoint allows attackers with low-level privileges to read server logs. This flaw does not require user interaction and can be exploited remotely over the network. The vulnerability impacts confidentiality by exposing potentially sensitive log data but does not affect integrity or availability. No known exploits are currently reported in the wild. European organizations using this USSD gateway software could face information disclosure risks, especially telecom operators and service providers. Mitigation involves implementing strict access controls on the affected endpoint and monitoring for unauthorized access attempts. Countries with significant telecom infrastructure using OpenCode Systems products, such as Germany, France, and the UK, are more likely to be affected. The CVSS score of 4.
AI Analysis
Technical Summary
CVE-2025-65239 identifies an incorrect access control vulnerability in the /aux1/ocussd/trace endpoint of OpenCode Systems USSD Gateway OC Release 5, version 6.13.11. This endpoint is intended for tracing or diagnostic purposes but lacks proper authorization checks, allowing attackers with low-level privileges (PR:L) to remotely access server logs without requiring user interaction. The vulnerability is categorized under CWE-284 (Improper Access Control), indicating a failure to restrict access to sensitive resources appropriately. The CVSS v3.1 base score is 4.3, with vector AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N, meaning the attack can be performed over the network with low attack complexity, requires some privileges but no user interaction, and impacts confidentiality only. Server logs may contain sensitive information such as system details, error messages, or user data, which could aid attackers in further reconnaissance or targeted attacks. No patches or exploits are currently documented, but the vulnerability's presence in a telecom-related gateway product suggests a potential risk to communications infrastructure. The lack of integrity or availability impact limits the severity, but confidentiality breaches in telecom environments can have serious privacy and security implications.
Potential Impact
For European organizations, particularly telecom operators and mobile service providers using OpenCode Systems USSD Gateway OC Release 5, this vulnerability poses a risk of unauthorized disclosure of server logs. Exposure of logs can reveal sensitive operational details, user session information, or internal system errors, potentially aiding attackers in crafting more sophisticated attacks or violating user privacy regulations such as GDPR. While the vulnerability does not directly disrupt service availability or data integrity, the confidentiality breach could undermine trust and lead to regulatory penalties. The impact is more pronounced in countries with large telecom markets and critical communications infrastructure, where such gateways are integral to mobile network operations and customer service platforms.
Mitigation Recommendations
Organizations should immediately audit access controls on the /aux1/ocussd/trace endpoint to ensure only authorized personnel can access server logs. Implement role-based access control (RBAC) or similar mechanisms to restrict endpoint usage strictly to trusted administrators. Network-level protections such as IP whitelisting, VPN access, or firewall rules should be applied to limit exposure of the endpoint. Regularly review and sanitize server logs to avoid storing sensitive information unnecessarily. Monitor access logs for unusual or unauthorized access attempts to the trace endpoint. If possible, update or patch the USSD Gateway software once a vendor fix is released. In the interim, consider disabling or restricting the trace endpoint if it is not essential for operations. Conduct security awareness training for administrators to recognize and report suspicious activities related to this vulnerability.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands
CVE-2025-65239: n/a
Description
CVE-2025-65239 is a medium-severity vulnerability in OpenCode Systems USSD Gateway OC Release 5, version 6. 13. 11, where improper access control on the /aux1/ocussd/trace endpoint allows attackers with low-level privileges to read server logs. This flaw does not require user interaction and can be exploited remotely over the network. The vulnerability impacts confidentiality by exposing potentially sensitive log data but does not affect integrity or availability. No known exploits are currently reported in the wild. European organizations using this USSD gateway software could face information disclosure risks, especially telecom operators and service providers. Mitigation involves implementing strict access controls on the affected endpoint and monitoring for unauthorized access attempts. Countries with significant telecom infrastructure using OpenCode Systems products, such as Germany, France, and the UK, are more likely to be affected. The CVSS score of 4.
AI-Powered Analysis
Technical Analysis
CVE-2025-65239 identifies an incorrect access control vulnerability in the /aux1/ocussd/trace endpoint of OpenCode Systems USSD Gateway OC Release 5, version 6.13.11. This endpoint is intended for tracing or diagnostic purposes but lacks proper authorization checks, allowing attackers with low-level privileges (PR:L) to remotely access server logs without requiring user interaction. The vulnerability is categorized under CWE-284 (Improper Access Control), indicating a failure to restrict access to sensitive resources appropriately. The CVSS v3.1 base score is 4.3, with vector AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N, meaning the attack can be performed over the network with low attack complexity, requires some privileges but no user interaction, and impacts confidentiality only. Server logs may contain sensitive information such as system details, error messages, or user data, which could aid attackers in further reconnaissance or targeted attacks. No patches or exploits are currently documented, but the vulnerability's presence in a telecom-related gateway product suggests a potential risk to communications infrastructure. The lack of integrity or availability impact limits the severity, but confidentiality breaches in telecom environments can have serious privacy and security implications.
Potential Impact
For European organizations, particularly telecom operators and mobile service providers using OpenCode Systems USSD Gateway OC Release 5, this vulnerability poses a risk of unauthorized disclosure of server logs. Exposure of logs can reveal sensitive operational details, user session information, or internal system errors, potentially aiding attackers in crafting more sophisticated attacks or violating user privacy regulations such as GDPR. While the vulnerability does not directly disrupt service availability or data integrity, the confidentiality breach could undermine trust and lead to regulatory penalties. The impact is more pronounced in countries with large telecom markets and critical communications infrastructure, where such gateways are integral to mobile network operations and customer service platforms.
Mitigation Recommendations
Organizations should immediately audit access controls on the /aux1/ocussd/trace endpoint to ensure only authorized personnel can access server logs. Implement role-based access control (RBAC) or similar mechanisms to restrict endpoint usage strictly to trusted administrators. Network-level protections such as IP whitelisting, VPN access, or firewall rules should be applied to limit exposure of the endpoint. Regularly review and sanitize server logs to avoid storing sensitive information unnecessarily. Monitor access logs for unusual or unauthorized access attempts to the trace endpoint. If possible, update or patch the USSD Gateway software once a vendor fix is released. In the interim, consider disabling or restricting the trace endpoint if it is not essential for operations. Conduct security awareness training for administrators to recognize and report suspicious activities related to this vulnerability.
Affected Countries
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2025-11-18T00:00:00.000Z
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 6927289df2ee3b97400f2f2c
Added to database: 11/26/2025, 4:19:41 PM
Last enriched: 12/3/2025, 4:54:52 PM
Last updated: 1/11/2026, 6:13:21 AM
Views: 70
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2026-0838: Buffer Overflow in UTT 进取 520W
HighCVE-2026-0837: Buffer Overflow in UTT 进取 520W
HighCVE-2026-0836: Buffer Overflow in UTT 进取 520W
HighCVE-2025-15505: Cross Site Scripting in Luxul XWR-600
MediumCVE-2026-0824: Cross Site Scripting in questdb ui
MediumActions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.