CVE-2025-10097

6.3 MEDIUM

📋 TL;DR

This vulnerability allows remote attackers to execute arbitrary code on SimStudioAI sim servers by injecting malicious code through the 'code' parameter in the execute route API. It affects all users running SimStudioAI sim version 1.0.0 or earlier. The vulnerability is remotely exploitable without authentication.

💻 Affected Systems

Products:
  • SimStudioAI sim
Versions: up to and including 1.0.0
Operating Systems: All platforms running SimStudioAI sim
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments with the vulnerable API endpoint exposed are affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise allowing attackers to execute arbitrary commands, steal sensitive data, install malware, or pivot to other systems in the network.

🟠 Likely Case

Unauthorized code execution leading to data exfiltration, service disruption, or installation of backdoors for persistent access.

🟢 If Mitigated

Limited impact with proper input validation and execution sandboxing, potentially resulting in failed exploitation attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Remote exploitation requires no authentication and involves simple code injection via API parameter.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version after 1.0.0

Vendor Advisory: https://github.com/simstudioai/sim/issues/961

Restart Required: No

Instructions:

1. Update SimStudioAI sim to the latest version.
2. Verify the patch is applied by checking the version.
3. No restart required for typical deployments.

🔧 Temporary Workarounds

Input Validation Filter (all platforms)

Implement strict input validation to reject malicious code patterns in the 'code' parameter.

API Endpoint Restriction (all platforms)

Restrict access to the vulnerable API endpoint using network controls or authentication.

🧯 If You Can't Patch

  • Implement Web Application Firewall (WAF) rules to block code injection patterns
  • Isolate the vulnerable system in a restricted network segment

🔍 How to Verify

Check if Vulnerable:

Check if running SimStudioAI sim version 1.0.0 or earlier and verify the execute route API endpoint is accessible.

Check Version:

Check package.json or application configuration for version information

Verify Fix Applied:

Confirm the application version is updated beyond 1.0.0 and test the API endpoint with safe test inputs.
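
The version check described above can be scripted. The following is an added example, not code from SimStudioAI or from this advisory; it assumes the `version` field in the deployment's package.json is a semantic version that reflects the running release, and the function names are hypothetical.

```javascript
// Added example: classify a deployment from the text of its package.json.
// Threshold taken from this page: versions up to and including 1.0.0 are affected.
const LAST_AFFECTED = [1, 0, 0];

// Parse "MAJOR.MINOR.PATCH[-prerelease][+build]" with an optional leading "v".
// Returns the numeric core as [major, minor, patch], or null if malformed.
function parseCore(text) {
  const re = /^v?(\d+)\.(\d+)\.(\d+)(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?$/;
  const m = re.exec(String(text).trim());
  return m ? [Number(m[1]), Number(m[2]), Number(m[3])] : null;
}

// Returns "affected", "not-affected" or "unknown".
function classifyVersion(text) {
  const core = parseCore(text);
  if (!core) return "unknown"; // tags like "latest" or partial versions need manual review
  // Because 1.0.0 itself is affected, prerelease and build suffixes cannot move
  // a version across the threshold: 1.0.0-rc.1 sorts below 1.0.0 (affected),
  // and any core above 1.0.0 stays above it. Only the numeric core matters.
  for (let i = 0; i < 3; i++) {
    if (core[i] !== LAST_AFFECTED[i]) {
      return core[i] < LAST_AFFECTED[i] ? "affected" : "not-affected";
    }
  }
  return "affected"; // exactly 1.0.0
}

// Takes the raw contents of package.json; never throws on bad input.
function checkPackageJson(jsonText) {
  let pkg;
  try {
    pkg = JSON.parse(jsonText);
  } catch (err) {
    return { version: null, status: "unknown" };
  }
  const version = pkg && typeof pkg.version === "string" ? pkg.version : null;
  return { version, status: version === null ? "unknown" : classifyVersion(version) };
}

// Constructed sample input, not taken from a real deployment.
const samplePackageJson = '{"name": "example-deployment", "version": "1.0.0"}';
console.log(checkPackageJson(samplePackageJson));
```

A result of "unknown" means the version could not be read and the deployment should be checked by hand rather than treated as fixed.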

📡 Detection & Monitoring

Log Indicators:

  • Unusual code execution patterns in API logs
  • Multiple failed injection attempts
  • Suspicious payloads in 'code' parameter

Network Indicators:

  • Unusual outbound connections from the application server
  • Traffic patterns indicating code execution

SIEM Query:

source="simstudioai" AND (message="execute" OR message="code") AND (message="injection" OR message="malicious")
