CVE-2025-13480

Incorrect authorization in Fudo Enterprise

Description

Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users to access certain administrator-only resources via improperly protected API endpoints. This includes sensitive information such as system logs and parts of system configuration settings. This vulnerability has been fixed in version 5.6.3

INFO

Published Date :

2026-04-20T09:00:16.259Z

Last Modified :

2026-04-20T09:00:16.259Z

Source :

CERT-PL

AFFECTED PRODUCTS

The following products are affected by CVE-2025-13480 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-13480.

URL	Resource
https://cert.pl/en/posts/2026/04/CVE-2025-13480
https://download.fudosecurity.com/documentation/fudo/5_6/rn/RN_5.6.3.pdf
https://www.fudosecurity.com/product/enterprise

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability