| TVN ID | TVN-202507015 |
|---|---|
| CVE ID | CVE-2025-8322 |
| CVSS | 8.8 (High) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | e-School |
| Description | The e-School from Ventem has a Missing Authorization vulnerability, allowing remote attackers with regular privilege to access administrator functions, including creating, modifying, and deleting accounts. They can even escalate any account to system administrator privilege. |
| Solution | If your school runs system on-premises, please contact the vendor to confirm the update status or consider restricting access to the campus network only |
| Credit | JUI-PENG,YEN |
| Public Date | 2025-07-30 |
:::