A critical vulnerability in Gladinet's Triofox software, tracked as CVE-2025-12480, has been actively exploited in the wild, prompting urgent action from security teams. This flaw, which has been assigned a CVSS score of 9.1, allows unauthorized access to the initial setup pages of Triofox even after the setup process is complete. The vulnerability, categorized under CWE-284 for improper access control, affects Triofox versions prior to 16.7.10368.56560.
The vulnerability was disclosed on November 10, 2025, and within just 1.4 days, attackers began exploiting it, highlighting the rapid time-to-exploit (TTE) associated with this flaw. The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-12480 to its Known Exploited Vulnerabilities (KEV) catalog as of November 12, 2025, underscoring the critical nature of this security issue.
Triofox, a platform designed to provide secure file sharing and collaboration, is widely used in enterprise environments, making the potential impact of this vulnerability significant. Exploitation of this flaw could allow attackers to gain unauthorized access to sensitive configuration settings, potentially leading to further compromise of the affected systems.
Gladinet has released a patch to address this vulnerability, and users are strongly advised to update to the latest version of Triofox to mitigate the risk of exploitation. The urgency is underscored by the vulnerability's high Exploit Prediction Scoring System (EPSS) score of 0.783, indicating a substantial likelihood of exploitation.
Security teams should prioritize the deployment of the patch and review access logs for any signs of unauthorized access attempts. Given the active exploitation of this vulnerability, organizations using Triofox should also consider implementing additional monitoring and access controls to detect and prevent unauthorized access.
The swift exploitation of CVE-2025-12480 serves as a stark reminder of the importance of timely patching and the need for robust security measures to protect against emerging threats. As attackers continue to target vulnerabilities with increasing speed, maintaining an up-to-date security posture is crucial for safeguarding enterprise environments.
CSURFACE