WISECP CSRF Vulnerability (CVE-2025-11954) Poses High Risk

The National Vulnerability Database has disclosed CVE-2025-11954, a high-severity Cross-Site Request Forgery (CSRF) vulnerability affecting Sitemio Information Technologies Trade Ltd. Co.’s WISECP through version 20022026. This flaw carries a CVSSv3.1 score of 8.0 (High), indicating significant potential for impact across confidentiality, integrity, and availability.

CSRF attacks abuse the trust a web application places in the user's browser: because the browser automatically attaches the session cookie to every request for the site, the application cannot tell a request the user intended from one that a third-party page triggered. In this scenario, an attacker could craft a malicious request that, when triggered by an authenticated WISECP user, forces their browser to perform unwanted actions on the WISECP application. Given the platform's likely role in managing customer information or billing, successful exploitation could lead to unauthorized data manipulation or service disruption, all under the guise of the legitimate user.

SCW notes that the National Vulnerability Database indicated the vendor was contacted early regarding this disclosure but did not respond. This lack of communication means defenders should assume no official patch is imminent and must prioritize mitigation strategies immediately.

What This Means For You

  • If your organization uses WISECP, you are exposed. This isn't theoretical; a high-severity CSRF can be devastating. Audit all critical actions within WISECP for potential unauthorized activity. Implement strong anti-CSRF tokens for all state-changing operations and ensure your web application firewall (WAF) is configured to detect and block suspicious requests targeting WISECP instances. Given the vendor's non-response, you need to assume a zero-day state.
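The anti-CSRF check recommended above, as an added example that is not WISECP's or the vendor's code: a per-session synchronizer token compared in constant time, plus an Origin/Referer check, applied to every state-changing request. The host name, form fields and session handling are constructed placeholders.

```python
import hmac
import secrets
from typing import Optional, Tuple
from urllib.parse import urlsplit

SITE_HOST = "billing.example.test"   # constructed placeholder for the WISECP host
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}  # must never change state on the server

def issue_token(session: dict) -> str:
    """Create a random synchronizer token, store it server-side, return it for the form."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token

def _source_host(headers: dict) -> Optional[str]:
    """Host the browser says the request came from (Origin, else Referer)."""
    for name in ("Origin", "Referer"):
        value = headers.get(name)
        if value:
            return urlsplit(value).hostname
    return None

def is_request_allowed(session: dict, method: str, headers: dict, form: dict) -> Tuple[bool, str]:
    """Decide whether a request may change state; returns (allowed, reason)."""
    if method.upper() in SAFE_METHODS:
        return True, "safe method"
    expected = session.get("csrf_token", "")
    submitted = form.get("csrf_token", "")
    # Constant-time compare: a forged request must carry the exact session token.
    if not expected or not hmac.compare_digest(expected.encode(), submitted.encode()):
        return False, "missing or invalid csrf token"
    host = _source_host(headers)
    if host is None:
        return False, "state-changing request without Origin/Referer"
    if host != SITE_HOST:
        return False, "cross-site source: " + host
    return True, "ok"

def demo() -> dict:
    """Constructed requests: a legitimate form post and one forged from another site."""
    session = {}
    token = issue_token(session)
    legit = is_request_allowed(session, "POST", {"Origin": "https://billing.example.test"},
                               {"csrf_token": token, "action": "update_contact"})
    forged = is_request_allowed(session, "POST", {"Origin": "https://evil.example"},
                                {"action": "update_contact"})
    return {"legit": legit, "forged": forged}

if __name__ == "__main__":
    print(demo())
```

The token check alone already defeats the forged post; the Origin check is a second, independent layer for the case where a token leaks or is omitted from a form.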

Indicators of Compromise

ID              Type  Indicator
CVE-2025-11954  CSRF  Sitemio Information Technologies Trade Ltd. Co. WISECP
CVE-2025-11954  CSRF  WISECP through 20022026
Source & Attribution

Source Platform: NVD
Channel: National Vulnerability Database
Published: May 20, 2026 at 16:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
