cbcvebase.
CVE-2025-5717
published 2025-09-23

Priority: P351
CVSS 3.1 base score: 7.2 (high)
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.64% (46.2th percentile)
An authenticated remote code execution (RCE) vulnerability exists in multiple WSO2 products due to improper input validation in the event processor admin service. A user with administrative access to the SOAP admin services can exploit this flaw by deploying a Siddhi execution plan containing malicious Java code, resulting in arbitrary code execution on the server. Exploitation of this vulnerability requires a valid user account with administrative privileges, limiting the attack surface to authenticated but potentially malicious users.

Affected

36 ranges · showing 25

Vendor | Product | Version range | Fixed in
msrc | cbl2_hyperv-daemons_5.15.137.1-1_on_cbl_mariner_2.0 | (not given) | (not given)
msrc | cbl2_kernel_5.15.137.1-1_on_cbl_mariner_2.0 | (not given) | (not given)
msrc | cbl_mariner_2.0_arm | (not given) | (not given)
msrc | cbl_mariner_2.0_x64 | (not given) | (not given)
wso2 | api_control_plane | (not given) | (not given)
wso2 | api_manager (listed 10 times) | (not given) | (not given)
wso2 | open_banking_am | (not given) | (not given)
wso2 | siddhi_extension_evaluate_scripts | >= 3.2.10 < 3.2.10.1 | 3.2.10.1
wso2 | siddhi_extension_evaluate_scripts | >= 3.2.13 < 3.2.13.2 | 3.2.13.2
wso2 | siddhi_extension_evaluate_scripts | >= 3.2.14 < 3.2.14.1 | 3.2.14.1
wso2 | siddhi_extension_evaluate_scripts | >= 3.2.6 < 3.2.6.8 | 3.2.6.8
wso2 | siddhi_extension_evaluate_scripts | >= 3.2.7 < 3.2.7.6 | 3.2.7.6
wso2 | siddhi_extension_evaluate_scripts | >= 3.2.8 < 3.2.8.3 | 3.2.8.3
wso2 | traffic_manager | (not given) | (not given)
wso2 | wso2_api_control_plane | >= 4.5.0 < 4.5.0.6 | 4.5.0.6
wso2 | wso2_api_manager | >= 3.0.0 < 3.0.0.174 | 3.0.0.174

CVSS provenance

Source | CVSS version | Score | Severity | Vector
nvd | v3.1 | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
vendor_msrc | (not given) | 7.8 | HIGH | (not given)