CVE-2025-27580 – NIH BRICS Privilege Escalation and Account Compromise Vulnerability

April 23, 2025

CVE ID : CVE-2025-27580

Published : April 24, 2025, 12:15 a.m. | 2 hours, 44 minutes ago

Description : NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 generates predictable tokens (that depend on username, time, and the fixed 7Dl9#dj- string) and thus allows unauthenticated users with a Common Access Card (CAC) to escalate privileges and compromise any account, including administrators.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-27581 – NIH BRICS Unauthenticated Access to InET Module

Next Article CVE-2025-25046 – IBM InfoSphere Information Server DataStage Flow Designer Information Disclosure

The Value-Driven AI Roadmap

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

As Windows 10 support ends, users weigh costly extended security program against upgrading to Windows 11

Lenovo’s Legion Glasses 2 update could change handheld gaming

Is Lenovo’s refreshed LOQ tower enough to compete? New OLED monitors raise the stakes at IFA 2025

External Forces Reshaping Financial Services in 2025 and Beyond

External Forces Reshaping Financial Services in 2025 and Beyond

Why It’s Time to Move from SharePoint On-Premises to SharePoint Online

Apple’s Big Move: The Future of Mobile

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

As Windows 10 support ends, users weigh costly extended security program against upgrading to Windows 11

Lenovo’s Legion Glasses 2 update could change handheld gaming

CVE-2025-27580 – NIH BRICS Privilege Escalation and Account Compromise Vulnerability

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs

Learn Embedded Systems Firmware Basics – A Handbook for Developers

Microsoft explains how to issue custom SSO claims in Entra ID using directory extension attributes

Debugging UI with AI: GitHub Copilot agent mode meets MCP servers

3D Layered Text: Interactivity and Dynamicism

Cloned Phones, Stolen Identities: The eSIM Hack No One Saw Coming

CVE-2025-6179 – Google ChromeOS Extension Management Permissions Bypass

SVG Animation Techniques: A Complete Guide with Practical Examples

With KB5055627, Recall is finally one step closer to general availability in Windows 11

CVE-2025-27580 – NIH BRICS Privilege Escalation and Account Compromise Vulnerability

Related Posts