CVE-2025-11853

6.3 MEDIUM

📋 TL;DR

CVE-2025-11853 is an improper access control vulnerability in Sismics Teedy's API endpoint that allows unauthorized access to files. Attackers can exploit this remotely to access sensitive documents without proper authentication. This affects all Teedy installations up to version 1.11.

💻 Affected Systems

Products:
  • Sismics Teedy
Versions: Up to and including 1.11
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations are vulnerable if the API endpoint is accessible.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of all stored documents including sensitive/confidential files, potentially leading to data breach and regulatory violations.

🟠

Likely Case

Unauthorized access to some files, potentially exposing sensitive business documents or personal information.

🟢

If Mitigated

Limited impact with proper network segmentation and additional authentication layers preventing exploitation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploit details are publicly disclosed but no public proof-of-concept code is available. Attack requires understanding of API structure.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 1.12 or later

Vendor Advisory: No official vendor advisory available

Restart Required: No

Instructions:

1. Upgrade Teedy to version 1.12 or later.
2. Verify that the /api/file endpoint now properly enforces access controls.

🔧 Temporary Workarounds

API Endpoint Restriction (applies to: all)

Block or restrict access to the vulnerable /api/file endpoint.

🧯 If You Can't Patch

  • Implement network-level access controls to restrict API endpoint access to authorized users only
  • Deploy a web application firewall (WAF) with rules to detect and block unauthorized API requests

🔍 How to Verify

Check if Vulnerable:

Check the Teedy version via the web interface or configuration files. If the version is 1.11 or earlier, the system is vulnerable.

Check Version:

Check the web interface or examine the application configuration files for version information.

Verify Fix Applied:

After upgrading, attempt to access the /api/file endpoint with unauthorized credentials; the request should receive a proper access-denied response.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to /api/file endpoint
  • Multiple failed authentication attempts followed by successful file access

Network Indicators:

  • Unusual API request patterns to /api/file endpoint
  • File downloads from unauthorized IP addresses

SIEM Query:

source="teedy" AND (uri_path="/api/file" AND response_code=200) AND user="anonymous"
