An improper access control vulnerability was identified in the file download functionality. This vulnerability allows users to download sensitive documents without authentication if the URL is known.
The attack requires the attacker to know the document’s UUIDv4.
The vulnerability was acknowledged and fixed by SYNCPILOT within a week. We want to thank SYNCPILOT for its exemplary reaction to the vulnerability report.
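As an added illustration, not SYNCPILOT's code: a minimal download handler showing the pattern this advisory describes (the document's UUIDv4 in the URL is the only thing checked) beside a hardened handler that authenticates and authorizes the caller before serving the file. The in-memory document store, session table and `Request` type are constructed for the example.

```python
import uuid
from dataclasses import dataclass, field

# Constructed sample store: each document is keyed by a random UUIDv4 and owned by one user.
DOC_ID = str(uuid.uuid4())
DOCUMENTS = {DOC_ID: {"owner": "alice", "content": b"confidential contract"}}
# Constructed session table: cookie value -> authenticated user.
SESSIONS = {"alice-session": "alice", "bob-session": "bob"}


@dataclass
class Request:
    """Constructed stand-in for an HTTP request; only the session cookie matters here."""
    cookies: dict = field(default_factory=dict)


def valid_uuid4(value: str) -> bool:
    """Reject anything that is not a well-formed UUIDv4 before it reaches the store."""
    try:
        return uuid.UUID(value).version == 4
    except ValueError:
        return False


def download_vulnerable(request: Request, doc_id: str):
    """Vulnerable pattern: knowing the link is enough. No session is required and
    ownership is never checked, so anyone holding the UUID gets the document."""
    doc = DOCUMENTS.get(doc_id)
    if doc is None:
        return 404, None
    return 200, doc["content"]


def download_hardened(request: Request, doc_id: str):
    """Hardened pattern: authenticate first, then authorize against the document's
    owner. An unguessable identifier is a hurdle for an attacker, not an access control."""
    user = SESSIONS.get(request.cookies.get("session"))
    if user is None:
        return 401, None  # no valid session: deny before touching the store
    if not valid_uuid4(doc_id):
        return 404, None
    doc = DOCUMENTS.get(doc_id)
    if doc is None or doc["owner"] != user:
        return 404, None  # same answer for missing and foreign documents: no existence oracle
    return 200, doc["content"]
```

Logging the 401/404 outcomes per document id gives a detection signal for repeated download attempts against documents the caller does not own.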
CVSS Score: 5.9 (CVSS v3.1)
CVSS Vector String: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Affected Versions: LIVE CONTRACT versions ≤ 5.4.11, ≤ 5.5.3, ≤ 5.6.2
Fixed Versions: 5.4.12, 5.5.4, 5.6.3
Credits: Felix Schmid (cirosec GmbH)
Vendor was contacted and informed about the vulnerability via email.
Initial response received from vendor. Vendor acknowledged the vulnerability.
Vendor informed us that the issue was resolved.