Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Multiple vulnerabilities in Sage 200 Spain

Posted date 07/03/2025
Identificador
INCIBE-2025-0126
Importance
4 - High
Affected Resources
  • Sage 200 Spain, versions prior to 2025.35.000.
Description

INCIBE has coordinated the publication of 2 vulnerabilities of high severity, affecting Sage 200 Spain, a business management software. The vulnerabilities have been discovered by Pedro José Navas Pérez.

These vulnerabilities have been assigned the following codes, CVSS v4.0 base score, CVSS vector and vulnerability type CWE for each vulnerability:

  • CVE-2025-1886: CVSS v3.1: 7.1 | CVSS AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N | CWE-522
  • CVE-2025-1887: CVSS v3.1: 7.1 | CVSS AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N | CWE-294
Solution

The vulnerability has been fixed by the Sage team in version 2025.35.000.

Detail
  • CVE-2025-1886: Pass-Back vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to discover stored SMTP credentials.
  • CVE-2025-1887: SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to obtain NTLMv2-SSP Hash by changing any of the paths to a UNC path pointing to a server controlled by the attacker.
References list
Sage 200 - Product sheet
Etiquetas