CVE-2025-34264: Critical XSS Vulnerability in Advantech WISE-DeviceOn Server

Overview

CVE-2025-34264 details a stored cross-site scripting (XSS) vulnerability affecting Advantech WISE-DeviceOn Server versions prior to 5.4. This vulnerability resides in the `/rmm/v1/dog/{agentId}` endpoint, specifically related to the Software Watchdog feature.

Technical Details

The vulnerability occurs when an authenticated user adds or edits Software Watchdog process rules for an agent. The monitored process name, which is stored in the settings array, is subsequently rendered in the Software Watchdog UI without proper HTML sanitization. Because the value is neither validated on input nor sanitized before rendering, an authenticated attacker can inject malicious JavaScript code into the process name field.

When a user views or interacts with the affected Software Watchdog rules in the UI, the injected script is executed within their browser context. This could potentially lead to session hijacking, unauthorized actions performed on behalf of the victim, and other malicious activities.

CVSS Analysis

At the time of writing, no CVSS score has been assigned to CVE-2025-34264. The absence of a CVSS score does not diminish the severity of the vulnerability. Given the potential for session compromise and unauthorized actions, it should be treated as a high-risk issue.

Possible Impact

The exploitation of this stored XSS vulnerability can have significant consequences:

  • Session Hijacking: An attacker can steal the session cookies of an authenticated user, allowing them to impersonate the victim and gain unauthorized access to the WISE-DeviceOn Server.
  • Unauthorized Actions: The injected script can be used to perform actions within the WISE-DeviceOn Server on behalf of the victim, potentially leading to configuration changes, data breaches, or service disruptions.
  • Data Theft: If the victim’s browser has access to sensitive data within the WISE-DeviceOn Server, the attacker could steal this information.
  • Malware Distribution: The XSS vulnerability could be used to redirect users to malicious websites or to inject malware into their systems.

Mitigation or Patch Steps

The recommended mitigation is to upgrade your Advantech WISE-DeviceOn Server to version 5.4 or later. This version includes a fix for the stored XSS vulnerability in the Software Watchdog feature. Specifically:

  1. Upgrade to Version 5.4 or Later: Follow the official Advantech upgrade instructions to update your WISE-DeviceOn Server.
  2. Verify Proper Configuration: After upgrading, ensure that all Software Watchdog rules are correctly configured and that no suspicious process names are present.
  3. Input Validation (If Possible): If direct configuration options exist, ensure all input fields undergo rigorous server-side validation and HTML sanitization to prevent the injection of malicious scripts. However, the upgrade is the *primary* remediation.
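
For steps 2 and 3, the following added example (not Advantech's code and not from the original advisory) audits Software Watchdog rules for process names that would not render as plain text, and shows the HTML-encoded form a UI should output. The rule layout (`agentId`, `settings`, `processName`) and the sample data are assumptions made for illustration; the advisory only states that the process name is stored in a settings array.

```javascript
// Added example: audit Software Watchdog rules for process names carrying markup.
// ASSUMPTION: the rule layout ({ agentId, settings: [{ processName }] }) is
// hypothetical; adapt the field names to whatever your export actually contains.

// Characters that change meaning in HTML text or quoted-attribute context.
const HTML_SIGNIFICANT = /[<>"'`&]/;
// Control characters have no place in a process name either.
const CONTROL_CHARS = /[\u0000-\u001f\u007f]/;

// Encode a value so a browser treats it as text, never as markup.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;", "`": "&#96;" };
  return String(value).replace(/[&<>"'`]/g, (ch) => map[ch]);
}

// Return one finding per rule whose process name needs review.
function auditWatchdogRules(agents) {
  const findings = [];
  for (const agent of agents) {
    // Tolerate agents with a missing or malformed settings array.
    const settings = Array.isArray(agent.settings) ? agent.settings : [];
    settings.forEach((rule, index) => {
      const name = rule && rule.processName;
      if (typeof name !== "string") {
        findings.push({ agentId: agent.agentId, index, reason: "non-string name", encoded: "" });
      } else if (HTML_SIGNIFICANT.test(name) || CONTROL_CHARS.test(name)) {
        findings.push({ agentId: agent.agentId, index, reason: "markup or control characters", encoded: escapeHtml(name) });
      }
    });
  }
  return findings;
}

// Constructed sample data (not taken from a real server).
const sampleAgents = [
  { agentId: "agent-001", settings: [{ processName: "nginx" }, { processName: "<b>updater.exe</b>" }] },
  { agentId: "agent-002", settings: [{ processName: "sshd" }, { processName: 'svc" data-x="1' }] },
  { agentId: "agent-003", settings: null },
];

const findings = auditWatchdogRules(sampleAgents);
for (const f of findings) console.log(`${f.agentId} rule #${f.index}: ${f.reason} -> ${f.encoded}`);
```

Any finding is a rule to inspect by hand: legitimate process names rarely need angle brackets or quotes, so a hit after the upgrade points to a value stored before the fix.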

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.
