CVE-2025-34509
CVE-2025-34509 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. It affects Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE. EPSS estimates a 38.43% chance of exploitation in the next 30 days.
Description
Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated, remote attackers can use this account to access the administrative API over HTTP.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sitecore | Experience Commerce | >= 9.0, <= 10.4 |
| Sitecore | Experience Manager | >= 9.0, <= 10.4 |
| Sitecore | Experience Platform | >= 9.0, < 10.4 |
| Sitecore | Experience Platform | 10.4 |
| Sitecore | Managed Cloud | All versions |
References
- https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/ (Exploit, Third Party Advisory)
Source: NVD / NIST
