CVE-2025-24527 Akamai — Exploit & Vulnerability Details HIGH

CVE-2025-24527

HIGH CVSS 3.1: 8.0 EPSS 0.13%

Parameter	Value
CVSS	8.0 (HIGH)
Affected Versions	before 2025
Type	CWE-732 (Incorrect Permission Assignment)
Vendor	Akamai
Public PoC	No

An issue was discovered in Akamai Enterprise Application Access (EAA) before 2025-01-17. If an admin knows another tenant's 128-bit connector GUID, they can execute debug commands on that connector.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

High

Difficult to exploit

Privileges Required

High

Admin privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

High

Complete data modification

Availability

High

Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-732 Incorrect Permission Assignment

References 2

https://techdocs.akamai.com/eaa/changelog

cve@mitre.org

https://techdocs.akamai.com/eaa/changelog/january-29-2025

cve@mitre.org

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-26365

Akamai

4.0

Menu

CVE-2025-24527

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 2

Related Vulnerabilities

CVE-2026-26365

CVE Details

Editor's Choice

Menu

CVE-2025-24527

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 2

Related Vulnerabilities

CVE-2026-26365

CVE Details

Editor's Choice

Stay informed on cybersecurity