CVE-2025-1077

Remote Code Execution vulnerability in IBL Software Engineering Visual Weather and derived products (NAMIS, Aero Weather, Satellite Weather)

Description

A security vulnerability has been identified in the IBL Software Engineering Visual Weather and derived products (NAMIS, Aero Weather, Satellite Weather). The vulnerability is present in the Product Delivery Service (PDS) component in specific server configurations where the PDS pipeline utilizes the IPDS pipeline with Message Editor Output Filters enabled. A remote unauthenticated attacker can exploit this vulnerability to send unauthenticated requests to execute the IPDS pipeline with specially crafted Form Properties, enabling remote execution of arbitrary Python code. This vulnerability could lead to a full system compromise of the affected server, particularly if Visual Weather services are run under a privileged user account—contrary to the documented installation best practices. Upgrade to the patched versions 7.3.10 (or higher), 8.6.0 (or higher).

Remediation

Solution:

  • Upgrade to the patched versions 7.3.10 (or higher), 8.6.0 (or higher).

Workaround:

  • In order to mitigate the vulnerability: - Disable PDS pipelines utilizing IPDS pipelines in server configurations. - Enforce installation best practices by ensuring Visual Weather services are not run under a privileged user account. - Restrict network access to the PDS pipeline endpoint to trusted IP ranges only. It is also recommended to contact IBL Support Team for more detailed security and server hardening guidelines.

Category

9.5
CVSS
Severity: Critical
CVSS 4.0 •
EPSS 0.42%
Affected: IBL Software Engineering Visual Weather
Affected: IBL Software Engineering NAMIS
Affected: IBL Software Engineering Aero Weather
Affected: IBL Software Engineering Satellite Weather
Published at:
Updated at:

References

Link Tags
https://www.iblsoft.com/security/advisory-isec-2024-001/

Frequently Asked Questions

What is the severity of CVE-2025-1077?
CVE-2025-1077 has been scored as a critical severity vulnerability.
How to fix CVE-2025-1077?
To fix CVE-2025-1077: Upgrade to the patched versions 7.3.10 (or higher), 8.6.0 (or higher).
Is CVE-2025-1077 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-1077 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-1077?
CVE-2025-1077 affects IBL Software Engineering Visual Weather, IBL Software Engineering NAMIS, IBL Software Engineering Aero Weather, IBL Software Engineering Satellite Weather.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.