{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-59709", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-03T14:39:38.152Z", "dateReserved": "2025-09-19T00:00:00.000Z", "datePublished": "2026-04-03T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-03T14:39:38.152Z"}, "descriptions": [{"lang": "en", "value": "An issue was discovered in Biztalk360 through 11.5. because of mishandling of user-provided input in a path to be read by the server, a Super User attacker is able to read files on the system and/or coerce an authentication from the service, aka Directory Traversal."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.synacktiv.com/en/advisories/remote-code-execution-from-any-domain-account-in-biztalk360"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}}, "dataVersion": "5.2"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kovai:biztalk360:*:*:*:*:*:*:*:*", "matchCriteriaId": "71A18991-9CB5-4CF6-BE4C-1F8A8847AEE0", "versionEndExcluding": "11.6.3963.2611", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in Biztalk360 through 11.5. because of mishandling of user-provided input in a path to be read by the server, a Super User attacker is able to read files on the system and/or coerce an authentication from the service, aka Directory Traversal."}], "id": "CVE-2025-59709", "lastModified": "2026-04-09T00:57:10.453", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-03T15:16:03.817", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.synacktiv.com/en/advisories/remote-code-execution-from-any-domain-account-in-biztalk360"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,11.5]"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "biztalk360", "vendor": "biztalk360"}], "analysis": {"en": {"generated_at": "2026-04-03T17:21:44.028012+00:00", "value": {"mitigation_remediation": ["Upgrade Biztalk360 to a version newer than 11.5 that contains the fix for the directory traversal issue", "If an upgrade is not immediately possible, restrict the service\u2019s input handling to allow only whitelisted directories and validate paths rigorously", "Apply network-level controls to limit exposure of the vulnerable endpoints to trusted hosts only", "Verify that file system permissions prevent non\u2011privileged users from accessing sensitive directories"], "summary": {"action": "Apply Patch", "impact": "Directory Traversal allowing read of system files or forced authentication"}, "threat_synthesis": {"affected_systems": "Any installation of Biztalk360 with a version of 11.5 or earlier is vulnerable. The product is not tied to a specific vendor in the public data, but references indicate it is part of the Biztalk360 suite used in many enterprise environments.", "description_and_impact": "A flaw in Biztalk360 up to version 11.5 permits a Super User attacker to supply a path that bypasses normal restrictions, enabling the attacker to read arbitrary files on the server or force authentication against the service. The attack can lead to exposure of sensitive configuration data, credentials or other confidential information stored on the host, compromising confidentiality and possibly integrity of the system. The vulnerability is a classic directory traversal issue where user input is not properly sanitized for path resolution.", "risk_and_exploitability": "The CVE does not list a published CVSS score or EPSS data, and it is not included in the CISA Known Exploited Vulnerabilities catalog. Nevertheless, because the flaw permits arbitrary file read for a Super User, the risk to confidentiality is high. The likely attack vector is remote, through the service\u2019s interface that accepts file paths as user input. Without an official patch, the only realistic mitigation is to update to a patched version or block the vulnerable interface, else the risk remains significant."}}}}, "created": "2026-04-03T21:17:10.292404+00:00", "title": "Directory Traversal Allowing Super User File Read in Biztalk360", "updated": "2026-04-06T21:23:15.511140+00:00", "vendors": ["biztalk360", "biztalk360$PRODUCT$biztalk360"], "weaknesses": ["CWE-22"]}