CVE-2025-13165
📋 TL;DR
EasyFlow GP developed by Digiwin has an unauthenticated remote denial-of-service vulnerability. Attackers can send specific requests to crash the web service, affecting all users of vulnerable versions. This impacts organizations using EasyFlow GP for workflow management.
💻 Affected Systems
- EasyFlow GP
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete web service outage making EasyFlow GP inaccessible to all users, disrupting business workflows until service is restored.
Likely Case
Intermittent service disruptions affecting productivity and workflow processing capabilities.
If Mitigated
Minimal impact with proper network segmentation and rate limiting preventing exploitation attempts.
🎯 Exploit Status
The vulnerability requires sending specific crafted requests to the web service endpoint. No authentication is required.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check with Digiwin for specific patched version
Vendor Advisory: https://www.twcert.org.tw/en/cp-139-10504-23f4c-2.html
Restart Required: Yes
Instructions:
1. Contact Digiwin support for the security patch.
2. Back up the current configuration.
3. Apply the patch following vendor instructions.
4. Restart the EasyFlow GP service.
5. Verify service functionality.
🔧 Temporary Workarounds
Network Access Control
Restrict access to the EasyFlow GP web service to trusted IP addresses only
Web Application Firewall
Implement WAF rules to block suspicious requests to the web service
🧯 If You Can't Patch
- Implement strict network segmentation to isolate EasyFlow GP from untrusted networks
- Deploy rate limiting and request filtering at the network perimeter
🔍 How to Verify
Check if Vulnerable:
Check EasyFlow GP version against vendor advisory. Monitor for service crashes after receiving specific web requests.
Check Version:
Check version through EasyFlow GP administration interface or consult vendor documentation
Verify Fix Applied:
Verify patch installation and test service stability under normal and stress conditions.
📡 Detection & Monitoring
Log Indicators:
- Multiple failed connection attempts
- Service crash logs
- Unusual request patterns to web endpoints
Network Indicators:
- High volume of requests to EasyFlow GP web ports
- Requests with unusual patterns or payloads
SIEM Query:
source="EasyFlow GP" AND (event_type="service_crash" OR status="500")