CVE-2025-54970

Published: Oct 27, 2025Modified: Oct 31, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service fails to authenticate requests. In some configurations, this may allow remote or local users to abort jobs or read information without the permissions of the job owner.

Affected (1)

Products: Baesystems: Socet Gxp

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Baesystems Socet Gxp	Before 4.6.0.2

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://www.baesystems.com/en-us/product/geospatial-exploitation-products

Source: cve@mitre.org

Product

https://www.geospatialexploitationproducts.com/content/socet-gxp/vulnerabilities-disclosure/#cve-2025-54970

Source: cve@mitre.org

MitigationVendor Advisory

Timeline

No history available yet.