- Description
- A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file customerview.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 5.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
- Hype score
- Not currently trending
中国のハッカーがTrimble Cityworksの欠陥を悪用し、米国政府のネットワークに侵入(CVE-2025-0944) https://t.co/Vyn1CEQSUf #Security #セキュリティ #ニュース
@SecureShield_
23 May 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A Chinese-speaking threat actor, UAT-6382, exploited a now-patched vulnerability (CVE-2025-0944) in Trimble Cityworks to deploy Cobalt Strike and VShell, targeting U.S. enterprise networks since January 2025. #Security https://t.co/QFD3Ftl5TN
@Strivehawk
22 May 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chinese hackers UAT-6382 exploited patched CVE-2025-0944 in Trimble Cityworks, deploying malware and web shells 🕵️♂️ on US local government networks for long-term access. #CyberThreat #USGov #China https://t.co/TgnvHwXZQR
@TweetThreatNews
22 May 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 هاجم قراصنة يتحدثون الصينية تُعرفهم الجهات على أنهم UAT-6382 ثغرة في Trimble Cityworks، مما سمح لهم بإدخال كود ضار كـ Cobalt Strike وVShell. استغلوا الثغرة CVE-2025-0944 لتنفيذ هج
@Cybercachear
22 May 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-CVE-2025-0944: A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been rated as crit—CVSS 6.3 slams Education. Old bug, new chaos—don’t let this relic ruin your day! Free $500 scan—https://t.co/eoMhrefG0X #Phishing #Ransomware #Threa
@taqtics_ai
2 Mar 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0944 A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file custome… https://t.co/DvcRaXEDP4
@CVEnew
1 Feb 2025
781 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:angeljudesuarez:tailoring_management_system:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6D27827-5554-4FAB-8460-52599930F4FF"
}
],
"operator": "OR"
}
]
}
]