CVE-2025-1077 Remote Code Execution vulnerability in IBL Software Engineering Visual Weather and derived products (NAMIS, Aero Weather, Satellite Weather)

🗓️ 07 Feb 2025 08:32:01Reported by SK-CERTType

Remote Code Execution vulnerability in IBL Software Engineering Visual Weather allows system compromise.

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The vulnerability of the Product Delivery Service component of the software for collecting, analyzing, and visualizing meteorological data, Visual Weather, and related products such as NAMIS, Aero Weather, and Satellite Weather, allows a perpetrator to execute arbitrary code or cause service failures.	23 Jun 202500:00	–	bdu_fstec
Circl	CVE-2025-1077	7 Feb 202508:40	–	circl
CNNVD	IBL Software Engineering Visual Weather 安全漏洞	7 Feb 202500:00	–	cnnvd
CVE	CVE-2025-1077	7 Feb 202508:32	–	cve
EUVD	EUVD-2025-1991	3 Oct 202520:07	–	euvd
NVD	CVE-2025-1077	7 Feb 202509:15	–	nvd
Positive Technologies	PT-2025-5906 · Ibl Software Engineering · Ibl Software Engineering Visual Weather	7 Feb 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-1077	9 Feb 202509:25	–	redhatcve
Vulnrichment	CVE-2025-1077 Remote Code Execution vulnerability in IBL Software Engineering Visual Weather and derived products (NAMIS, Aero Weather, Satellite Weather)	7 Feb 202508:32	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "Visual Weather",
    "vendor": "IBL Software Engineering",
    "versions": [
      {
        "status": "affected",
        "version": "8.2.5"
      },
      {
        "status": "affected",
        "version": "7.3.9"
      },
      {
        "status": "affected",
        "version": "7.3.6 (Enterprise Build)"
      },
      {
        "status": "affected",
        "version": "8.5.2 (Enterprise Build)"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NAMIS",
    "vendor": "IBL Software Engineering",
    "versions": [
      {
        "status": "affected",
        "version": "8.2.5"
      },
      {
        "status": "affected",
        "version": "7.3.9"
      },
      {
        "status": "affected",
        "version": "7.3.6 (Enterprise Build)"
      },
      {
        "status": "affected",
        "version": "8.5.2 (Enterprise Build)"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aero Weather",
    "vendor": "IBL Software Engineering",
    "versions": [
      {
        "status": "affected",
        "version": "8.2.5"
      },
      {
        "status": "affected",
        "version": "7.3.9"
      },
      {
        "status": "affected",
        "version": "7.3.6 (Enterprise Build)"
      },
      {
        "status": "affected",
        "version": "8.5.2 (Enterprise Build)"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Satellite Weather",
    "vendor": "IBL Software Engineering",
    "versions": [
      {
        "status": "affected",
        "version": "8.2.5"
      },
      {
        "status": "affected",
        "version": "7.3.9"
      },
      {
        "status": "affected",
        "version": "7.3.6 (Enterprise Build)"
      },
      {
        "status": "affected",
        "version": "8.5.2 (Enterprise Build)"
      }
    ]
  }
]

Source	Link
iblsoft	www.iblsoft.com/security/advisory-isec-2024-001/

07 Feb 2025 08:43Current

CVSS 49.5

EPSS0.01124