CVE-2025-6076

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

02/08/2025

Last modified:

02/08/2025

Description

Partner Software&#39;s Partner Software application and Partner Web application do not sanitize files uploaded on the "reports" tab, allowing an authenticated attacker to upload a malicious file and compromise the device. By default, the software runs as SYSTEM, heightening the severity of the vulnerability.

Impact

References to Advisories, Solutions, and Tools

https://partnersoftware.com/resources/software-release-info-4-32/