CVE-2025-65480 is a critical vulnerability identified in Pacom Unison Client version 5.13.1, involving the injection of malicious scripts into Report Templates by authenticated users. The vulnerability is categorized under CWE-78, indicating OS Command Injection, where the application fails to properly sanitize or validate input within report templates. When certain script conditions are met, these injected scripts execute with the privileges of the application, enabling remote code execution (RCE). The attack vector is network-based (AV:N), with low attack complexity (AC:L), requiring only privileges of an authenticated user (PR:L) and no user interaction (UI:N). The vulnerability impacts confidentiality, integrity, and availability (all rated high), allowing attackers to execute arbitrary commands, potentially leading to full system compromise. No patches or official fixes are currently listed, and no exploits have been reported in the wild yet. The vulnerability's existence highlights the risk of insufficient input validation in client-side reporting features, which can be leveraged by insiders or compromised accounts to escalate privileges or disrupt operations.

The exploitation of CVE-2025-65480 can have severe consequences for organizations worldwide. Successful attacks can lead to full remote code execution on systems running Pacom Unison Client, allowing attackers to execute arbitrary commands, install malware, exfiltrate sensitive data, or disrupt critical services. Given the high privileges typically associated with the client application, attackers could pivot within networks, escalate privileges, or cause denial of service. This poses a significant risk to organizations relying on Pacom Unison Client for security or operational management, especially in sectors such as critical infrastructure, manufacturing, and large enterprises. The lack of known exploits in the wild suggests a window for proactive mitigation, but the ease of exploitation and high impact necessitate urgent attention to prevent potential breaches.

To mitigate CVE-2025-65480, organizations should implement the following specific measures: 1) Immediately restrict access to the Report Templates feature to only trusted and necessary authenticated users to reduce the attack surface. 2) Employ strict input validation and sanitization on all user-supplied data within report templates, ideally using whitelisting approaches for allowed commands or scripts. 3) Monitor and audit changes to report templates and related configurations to detect unauthorized modifications. 4) Use application-layer firewalls or intrusion detection systems to identify and block suspicious script injection attempts targeting the client. 5) Segregate the network environment hosting Pacom Unison Client to limit lateral movement in case of compromise. 6) Engage with the vendor for patches or official updates and apply them promptly once available. 7) Conduct regular security training for users with authenticated access to raise awareness about the risks of script injection. 8) Implement robust logging and alerting mechanisms to detect anomalous execution patterns indicative of exploitation attempts.