Vulnerability Description
A vulnerability exists in the Opto22 Groov Manage REST API on GRV-EPIC and groov RIO Products that allows remote code execution with root privileges. When a POST request is executed against the vulnerable endpoint, the application reads certain header details and unsafely uses these values to build commands, allowing an attacker with administrative privileges to inject arbitrary commands that execute as root.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-32
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-324-03
- https://www.opto22.com/support/resources-tools/knowledgebase/kb91326
FAQ
What is CVE-2025-13087?
CVE-2025-13087 is a vulnerability with a CVSS score of 6.2 (MEDIUM). A vulnerability exists in the Opto22 Groov Manage REST API on GRV-EPIC and groov RIO Products that allows remote code execution with root privileges. When a POST request is executed against the vulner...
How severe is CVE-2025-13087?
CVE-2025-13087 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-13087?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.