CVE-2025-14265

Severity: CRITICAL | CVSS 9.1/10 | EPSS 0.32%

CVE-2025-14265 is a critical-severity vulnerability rated 9.1/10 on the CVSS scale. In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the installation and execution of untrusted or arbitrary extensions by authorized or administrative users. Abuse of this behavior could result in the execution of custom code on the server or unauthorized access to application configuration data. EPSS estimates a 0.32% chance of exploitation in the next 30 days.

Description

In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the installation and execution of untrusted or arbitrary extensions by authorized or administrative users. Abuse of this behavior could result in the execution of custom code on the server or unauthorized access to application configuration data. This issue affects only the ScreenConnect server component; host and guest clients are not impacted. ScreenConnect 25.8 introduces enhanced server-side configuration handling and integrity checks to ensure only trusted extensions can be installed.

Metrics

CVSS 3.1
9.1/10

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

EPSS Probability
0.32%

24.1st percentile

Probability of exploitation in the next 30 days.

Weakness Enumeration

Affected Software

Vendor       Product        Versions
Connectwise  Screenconnect  < 25.8.0.9438

References

Timeline

Status: Analyzed

Frequently Asked Questions

What is CVE-2025-14265?
In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the installation and execution of untrusted or arbitrary extensions by authorized or administrative users. Abuse of this behavior could result in the execution of custom code on the server or unauthorized access to application configuration data. This issue affects only the ScreenConnect server component; host and guest clients are not impacted. ScreenConnect 25.8 introduces enhanced server-side configuration handling and integrity checks to ensure only trusted extensions can be installed.
How severe is CVE-2025-14265?
CVE-2025-14265 has a CVSS score of 9.1/10 (CRITICAL severity). The EPSS model estimates a 0.32% probability of exploitation in the next 30 days.
How do I fix CVE-2025-14265?
Check the vendor references and advisories linked above for patched versions and mitigation guidance; the fixed release is ScreenConnect 25.8 (25.8.0.9438).

Source: NVD / NIST