What is CVE-2025-22963?

CVE-2025-22963 is a high-severity CSRF vulnerability in Sismics Teedy that allows account takeover via unauthorized POST requests. Organizations should take immediate action to patch this vulnerability to prevent exploitation.

What is the severity of CVE-2025-22963?

CVE-2025-22963 has a severity rating of HIGH with a CVSS base score of 7.5.

CVE-2025-22963 | High Vulnerability in Sismics Teedy

CVE-2025-22963 is a high-severity vulnerability affecting Sismics Teedy versions up to 1.11. This vulnerability allows Cross-Site Request Forgery (CSRF) attacks, which could lead to account takeover via unauthorized POST requests to the /api/user/admin endpoint. The CVSS score for this vulnerability is 7.5, indicating a high level of risk to organizations where this software is deployed.

The risk to organizations includes potential unauthorized access to accounts, leading to data leakage, manipulation of information, or other malicious activities. Given the nature of the vulnerability and the attack vector being network-based, organizations should prioritize patching immediately to mitigate this risk.

As of the last update, there is no known public exploit available for this vulnerability. However, the existence of a vulnerability in widely used software like Teedy increases the urgency for defenders to address this issue in their systems.

Organizations using Sismics Teedy should assess their exposure to this vulnerability and take immediate action to apply any necessary patches or updates to their systems.

Vulnerability Details

Teedy through 1.11 allows CSRF for account takeover via POST /api/user/admin. This vulnerability has a CVSS score of 7.5, which indicates a high severity level. Organizations should be aware that the attack vector is network-based, requiring user interaction, and has a high attack complexity.

The confidentiality, integrity, and availability impacts are all rated as high, meaning that successful exploitation can lead to serious consequences for affected organizations. The weakness associated with this vulnerability is classified under CWE-352.

Technical Analysis

The root cause of this vulnerability is insufficient protection against CSRF attacks. Attackers may leverage this weakness to perform actions on behalf of an authenticated user without their consent. The attack vector is network-based, and the complexity is considered high due to the requirement for user interaction.

No privileges are required to exploit this vulnerability, making it easier for attackers to target potential victims. Successful exploitation can lead to significant impacts on confidentiality, integrity, and availability, as attackers can manipulate user accounts and access sensitive information.

Risk & Impact Analysis

Real-world deployment risk for CVE-2025-22963 is substantial, as organizations using Sismics Teedy may inadvertently expose themselves to CSRF attacks. The impact of successful exploitation can lead to unauthorized account access, data leakage, or even system compromise.

The urgency assessment based on the CVSS score indicates that organizations should address this vulnerability in their priority patch cycle. The high score reflects the critical nature of the vulnerability and its potential to cause significant damage.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	Yes
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected product is Sismics Teedy, specifically all versions prior to vendor patch 1.11. Organizations should ensure they are running the latest patched version to mitigate this vulnerability.

Mitigation & Remediation

Organizations should immediately apply patches to their Sismics Teedy installations to remediate this vulnerability. If a patch is not available, consider implementing workarounds such as disabling vulnerable features or enhancing CSRF protections.

For ongoing protection, consider engaging in penetration testing to identify any other weaknesses in your systems.

Detection Guidance

Organizations should monitor logs for unusual POST requests to the /api/user/admin endpoint, which may indicate an attempted CSRF attack. Additionally, behavioral anomalies from authenticated users should be tracked to identify potential exploitation attempts.

AppSecure Threat Intelligence Insight

The long-term significance of CVE-2025-22963 highlights the importance of implementing robust CSRF protections in web applications. This vulnerability serves as a reminder of the continuous evolution of attack vectors targeting web applications.

As organizations face increasing threats, understanding the patterns and trends associated with vulnerabilities like this one can help security teams strengthen their defenses.

For further resources on securing web applications, consider reviewing our CSRF attack prevention guide and our comprehensive security checklist for web developers to ensure your applications are protected against similar vulnerabilities.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-22963: High Vulnerability in Sismics Teedy