CVE-2025-65480
📋 TL;DR
This vulnerability allows authenticated users of Pacom Unison Client 5.13.1 to inject malicious scripts into Report Templates. When specific script conditions are met, these scripts execute, potentially leading to remote code execution on affected systems. Organizations using this specific version of the software are at risk.
💻 Affected Systems
- Pacom Unison Client
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Full system compromise with attacker gaining administrative privileges, data exfiltration, lateral movement within the network, and persistent backdoor installation.
Likely Case
Authenticated attackers execute arbitrary code within the application context, potentially accessing sensitive data, modifying reports, or disrupting operations.
If Mitigated
Limited impact due to network segmentation, strict access controls, and monitoring preventing successful exploitation or containing damage.
🎯 Exploit Status
Exploitation requires authenticated access and knowledge of report template scripting; no public exploit code available at this time.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 5.13.2 or later
Vendor Advisory: http://pacom.com
Restart Required: No
Instructions:
1. Download the latest version from the Pacom vendor portal.
2. Back up the current configuration.
3. Install the update following vendor instructions.
4. Verify successful installation.
🔧 Temporary Workarounds
Restrict Report Template Access
All platforms: Limit which users can create or modify report templates to only trusted administrators.
Input Validation Enhancement
All platforms: Implement additional input validation on report template fields to block script injection attempts.
🧯 If You Can't Patch
- Implement strict network segmentation to isolate Unison Client systems from critical assets.
- Enable detailed logging and monitoring for report template modifications and unusual script execution.
🔍 How to Verify
Check if Vulnerable:
Check installed version in application settings or via 'unison --version' command; version 5.13.1 is vulnerable.
Check Version:
unison --version
Verify Fix Applied:
Confirm version is 5.13.2 or higher; test report template functionality with safe scripts.
📡 Detection & Monitoring
Log Indicators:
- Unusual report template modifications
- Script execution errors in application logs
- Multiple failed authentication attempts followed by template access
Network Indicators:
- Unexpected outbound connections from Unison Client
- Unusual data transfers to external IPs
SIEM Query:
source="unison.log" AND (event="template_modified" OR event="script_execution")
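The third log indicator above (failed authentication followed by template access) needs correlation that the flat SIEM query does not express. The sketch below is an added example, not Pacom or vendor code: it flags every `template_modified` or `script_execution` event and raises the severity when the same user had several failed logins shortly before. The log layout, the `user` and `template` fields, and the `auth_failed`/`auth_success` event names are assumptions; adapt them to what your Unison logs actually contain.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample. The timestamp/key="value" layout, the "user" and
# "template" fields and the auth_failed/auth_success event names are
# assumptions; only template_modified and script_execution come from the page.
SAMPLE_LOG = '''\
2025-01-10T09:00:01 event="auth_failed" user="jdoe"
2025-01-10T09:00:05 event="auth_failed" user="jdoe"
2025-01-10T09:00:09 event="auth_failed" user="jdoe"
2025-01-10T09:01:30 event="auth_success" user="jdoe"
2025-01-10T09:03:12 event="template_modified" user="jdoe" template="Monthly Access"
2025-01-10T09:03:40 event="script_execution" user="jdoe" template="Monthly Access"
2025-01-10T11:15:00 event="template_modified" user="admin1" template="Door Audit"
not a log line
'''

FIELD = re.compile(r'(\w+)="([^"]*)"')
WATCHED = {"template_modified", "script_execution"}

def detect(log_text, threshold=3, window=timedelta(minutes=10)):
    """Return (timestamp, user, event, severity) for every watched event.

    Severity is "high" when the same user had `threshold` or more failed
    logins in the `window` before the event, otherwise "review".
    """
    failures = defaultdict(deque)   # user -> timestamps of recent failures
    alerts = []
    for line in log_text.splitlines():
        stamp, _, rest = line.partition(" ")
        try:
            ts = datetime.fromisoformat(stamp)
        except ValueError:
            continue                # skip lines that do not start with a timestamp
        fields = dict(FIELD.findall(rest))
        user, event = fields.get("user", "unknown"), fields.get("event")
        if event == "auth_failed":
            failures[user].append(ts)
        elif event in WATCHED:
            recent = failures[user]
            while recent and ts - recent[0] > window:
                recent.popleft()    # drop failures older than the window
            severity = "high" if len(recent) >= threshold else "review"
            alerts.append((ts.isoformat(), user, event, severity))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(*alert)
```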