CVE-2025-14611

Confirmed PUBLISHED

Gladinet CentreStack and TrioFox Hard Coded AES Keys

Gladinet · CentreStack and TrioFox

1 day faster than CISA KEV

Exploited in the wild PoC available

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
7.1 High EPSS 50.9%

At a Glance

Gladinet CentreStack and Triofox prior to version 16.12.10420.56791 used hardcoded values for their implementation of the AES cryptoscheme. This degrades security for public exposed endpoints that may make use of it and may offer arbitrary local file inclusion when provided a specially crafted request without authentication. This opens the door for future exploitation and can be leveraged with previous vulnerabilities to gain a full system compromise.

nuclei_scanner cisa
CVE Published
Dec 12, 2025
Exploitation Reported
Jun 01, 2026
CVSS
7.1 High
EPSS
50.9%
Remote No user interaction Unauthenticated

Affected Versions

Vendor Product Version Status
Gladinet
CentreStack and TrioFox

0 to < 16.12.10420.56791

Affected

CVE References

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.