CVE-2025-7389: CWE-552 in Progress Software Corporation OpenEdge
A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server through the adopted authority of the AdminServer process itself. The delegated authority of the AdminServer could allow its users the ability to read arbitrary files on the host system through the misuse of the setFile() and openFile() methods exposed through the RMI interface. Misuse was limited only by OS-level authority of the AdminServer's elevated privileges granted and the user's access to these methods enabled through RMI. The exploitable methods have been removed thus eliminating their access through RMI or downstream of the RMI registry.
AI Analysis
Technical Summary
This vulnerability (CVE-2025-7389) in OpenEdge's AdminServer component allows authenticated users to leverage the AdminServer's elevated OS-level privileges to read arbitrary files on the host system. The issue stems from the setFile() and openFile() methods accessible through the RMI interface, which were improperly secured. These methods have been removed from the RMI interface to prevent exploitation. The vulnerability affects OpenEdge versions 12.2.0 and 12.8.0. The CVSS 4.0 score is 8.2, indicating high severity. No official patch or remediation guidance has been provided by the vendor as of the published date.
Potential Impact
Authenticated users with access to the AdminServer component can exploit this vulnerability to gain OS-level access and read arbitrary files on the server hosting OpenEdge. This could lead to unauthorized disclosure of sensitive information and potential further compromise depending on the data accessed. The elevated privileges of the AdminServer process amplify the impact. No known active exploits have been reported.
Mitigation Recommendations
The vulnerable methods (setFile() and openFile()) have been removed from the RMI interface, effectively eliminating this attack vector. However, no official patch or remediation level has been documented by the vendor. Users should verify that their OpenEdge installations do not expose these methods via RMI and monitor vendor advisories for any forthcoming official fixes or guidance. Patch status is not yet confirmed — check the vendor advisory for current remediation guidance.
CVE-2025-7389: CWE-552 in Progress Software Corporation OpenEdge
Description
A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server through the adopted authority of the AdminServer process itself. The delegated authority of the AdminServer could allow its users the ability to read arbitrary files on the host system through the misuse of the setFile() and openFile() methods exposed through the RMI interface. Misuse was limited only by OS-level authority of the AdminServer's elevated privileges granted and the user's access to these methods enabled through RMI. The exploitable methods have been removed thus eliminating their access through RMI or downstream of the RMI registry.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CVE-2025-7389) in OpenEdge's AdminServer component allows authenticated users to leverage the AdminServer's elevated OS-level privileges to read arbitrary files on the host system. The issue stems from the setFile() and openFile() methods accessible through the RMI interface, which were improperly secured. These methods have been removed from the RMI interface to prevent exploitation. The vulnerability affects OpenEdge versions 12.2.0 and 12.8.0. The CVSS 4.0 score is 8.2, indicating high severity. No official patch or remediation guidance has been provided by the vendor as of the published date.
Potential Impact
Authenticated users with access to the AdminServer component can exploit this vulnerability to gain OS-level access and read arbitrary files on the server hosting OpenEdge. This could lead to unauthorized disclosure of sensitive information and potential further compromise depending on the data accessed. The elevated privileges of the AdminServer process amplify the impact. No known active exploits have been reported.
Mitigation Recommendations
The vulnerable methods (setFile() and openFile()) have been removed from the RMI interface, effectively eliminating this attack vector. However, no official patch or remediation level has been documented by the vendor. Users should verify that their OpenEdge installations do not expose these methods via RMI and monitor vendor advisories for any forthcoming official fixes or guidance. Patch status is not yet confirmed — check the vendor advisory for current remediation guidance.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- ProgressSoftware
- Date Reserved
- 2025-07-09T13:01:22.716Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69de455082d89c981f9c8a9f
Added to database: 4/14/2026, 1:46:56 PM
Last enriched: 4/14/2026, 2:01:57 PM
Last updated: 4/14/2026, 3:33:46 PM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.