Home

Description

Synapse Mobility 8.0, 8.0.1, 8.0.2, 8.1, and 8.1.1 contain a privilege escalation vulnerability through external control of Web parameter. If exploited, a user of the product may escalate the privilege and access data that the user do not have permission to view by altering the parameters of the search function.

PUBLISHED Reserved 2025-07-24 | Published 2025-08-20 | Updated 2025-08-20 | Assigner jpcert




MEDIUM: 4.3CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

MEDIUM: 5.3CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

External control of assumed-Immutable web parameter

Product status

8.0
affected

8.0.1
affected

8.0.2
affected

8.1
affected

and 8.1.1
affected

References

healthcaresolutions-us.fujifilm.com/...rability-notification

jvn.jp/en/vu/JVNVU94286093/

cve.org (CVE-2025-54551)

nvd.nist.gov (CVE-2025-54551)

Download JSON