CVE-2025-60595

SPH Engineering UgCS 5.13.0 is vulnerable to Arbitary code execution.

Basic Information

CVE State: PUBLISHED
Reserved Date: September 26, 2025
Published Date: October 29, 2025
Last Updated: October 30, 2025
Vendor: n/a
Product: n/a
Description: SPH Engineering UgCS 5.13.0 is vulnerable to Arbitary code execution.

CVSS Scores

CVSS v3.1

8.2 - HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

SSVC Information

Exploitation: none
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2025-10-28 21:00:05 UTC) Source

References

https://www.sphengineering.com https://github.com/Clicksafeae/CVE-2025-60595/tree/main

Known Exploited Vulnerability Information

Source	Added Date
The Shadowserver (via CIRCL)	2025-10-28 21:00:05 UTC

Timeline

CVE ID Reserved

September 26, 2025
Added to KEVIntel

October 28, 2025
CVE Published to Public

October 29, 2025