CVE-2025-3115

Q: What is the severity of CVE-2025-3115?

CVE-2025-3115 has a CVSS score of 9.8 (CRITICAL). CVE-2025-3115 is a critical vulnerability in Spotfire software that allows attackers to inject malicious code and upload malicious files due to insufficient validation. Successful exploitation could lead to complete system compromise. This affects organizations using vulnerable versions of Spotfire.

9.8 CRITICAL

Remote Code Execution

📋 TL;DR

CVE-2025-3115 is a critical vulnerability in Spotfire software that allows attackers to inject malicious code and upload malicious files due to insufficient validation. Successful exploitation could lead to complete system compromise. This affects organizations using vulnerable versions of Spotfire.

💻 Affected Systems

Products:

TIBCO Spotfire

Versions: Specific versions not detailed in provided reference; check vendor advisory for exact affected versions

Operating Systems: All platforms running Spotfire

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in core functionality related to code execution and file upload validation

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with attacker gaining complete control over the affected server, potentially leading to data theft, ransomware deployment, or lateral movement within the network.

🟠

Likely Case

Remote code execution allowing attackers to execute arbitrary commands, install malware, or establish persistent access to the system.

🟢

If Mitigated

Limited impact with proper input validation and file upload restrictions preventing successful exploitation.

🌐 Internet-Facing: HIGH

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

CVSS 9.8 indicates critical severity with low attack complexity and no authentication required

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific patched versions

Vendor Advisory: https://community.spotfire.com/articles/spotfire/spotfire-security-advisory-april-08-2025-spotfire-cve-2025-3115-r3485/

Restart Required: Yes

Instructions:

1. Review vendor advisory for affected versions
2. Download and apply the latest security patch from TIBCO
3. Restart Spotfire services
4. Verify patch installation

🔧 Temporary Workarounds

Restrict File Uploads

all

Implement strict file upload validation and whitelist allowed file types

Network Segmentation

all

Isolate Spotfire servers from internet and restrict internal access

🧯 If You Can't Patch

Implement web application firewall with injection protection rules
Disable or restrict file upload functionality entirely

🔍 How to Verify

Check if Vulnerable:

Check Spotfire version against vendor advisory; vulnerable if running affected versions

Check Version:

Check Spotfire administration console or installation logs for version information

Verify Fix Applied:

Verify Spotfire version matches patched version from vendor advisory

📡 Detection & Monitoring

Log Indicators:

Unusual file upload patterns
Suspicious code execution attempts
Unexpected process creation

Network Indicators:

Unusual outbound connections from Spotfire server
Suspicious file upload requests

SIEM Query:

source="spotfire" AND (event="file_upload" OR event="code_execution") AND status="suspicious"

📊 Metadata

CVE ID: CVE-2025-3115

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-94

EPSS Score: 0.86% exploit probability (74.6th percentile)

Published: April 9, 2025

Last Updated: November 11, 2025

🔗 References

https://community.spotfire.com/articles/spotfire/spotfire-security-advisory-april-08-2025-spotfire-cve-2025-3115-r3485/

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Spotfire Analyst by Tibco

Spotfire Analyst by Tibco

Spotfire Analyst by Tibco

Spotfire Analyst by Tibco

Spotfire Analyst by Tibco

Spotfire Analyst by Tibco

Spotfire Analytics Platform by Tibco

Spotfire Deployment Kit by Tibco

Spotfire Deployment Kit by Tibco

Spotfire Deployment Kit by Tibco

Spotfire Deployment Kit by Tibco

Spotfire Deployment Kit by Tibco

Spotfire Deployment Kit by Tibco

Spotfire Desktop by Tibco

Spotfire Enterprise Runtime For R by Tibco

Spotfire Enterprise Runtime For R by Tibco

Spotfire Enterprise Runtime For R by Tibco

Spotfire Enterprise Runtime For R by Tibco

Spotfire Enterprise Runtime For R by Tibco

Spotfire Enterprise Runtime For R by Tibco

Spotfire Enterprise Runtime For R by Tibco

Spotfire Statistics Services by Tibco

Spotfire Statistics Services by Tibco

Spotfire Statistics Services by Tibco

Spotfire Statistics Services by Tibco

Spotfire Statistics Services by Tibco

Spotfire Statistics Services by Tibco

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Restrict File Uploads

Network Segmentation

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities