CVE-2025-1077: Remote Code Execution vulnerability in IBL Software Engineering Visual Weather and derived products (NAMIS, Aero Weather, Satellite Weather)
Description
A security vulnerability has been identified in the IBL Software Engineering Visual Weather and derived products (NAMIS, Aero Weather, Satellite Weather). The vulnerability is present in the Product Delivery Service (PDS) component in specific server configurations where the PDS pipeline utilizes the IPDS pipeline with Message Editor Output Filters enabled.
A remote unauthenticated
attacker can exploit this vulnerability to send unauthenticated requests to execute the IPDS pipeline with specially crafted Form Properties, enabling remote execution of arbitrary Python code. This vulnerability could lead to a full system compromise of the affected server, particularly if Visual Weather services are run under a privileged user account—contrary to the documented installation best practices.
Upgrade to the patched versions 7.3.10 (or higher), 8.6.0 (or higher).
Classification
CVE ID: CVE-2025-1077
CVSS Base Severity: CRITICAL
CVSS Base Score: 9.5
CVSS Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected Products
Vendor: IBL Software Engineering
Product: Visual Weather
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 11.87% (scored less or equal to compared to others)
EPSS Date: 2025-03-08 (when was this score calculated)