CVE-2025-0921

High | Proof-of-Concept

ICONICS Privileged File Write

CVSS v3.1 Base Score: 8.8

High severity — Prioritize remediation

AV: Network | AC: Low | Auth: Required

Privileged file write in ICONICS suite allows authenticated users to write arbitrary files as SYSTEM. Combined with CVE-2025-11774 (command injection), this creates a full compromise chain. Can be used for DLL hijacking, web shell deployment, or overwriting security controls. Affects GENESIS64 and Hyper Historian.

Status: Proof-of-Concept
Complexity: Low
Auth Required: Yes
Initial Access: Authenticated access to ICONICS management interface

Known Techniques
  • Arbitrary file write via path traversal in file upload endpoint
  • DLL hijacking by writing malicious DLL to ICONICS service directory
  • Web shell deployment to IIS wwwroot via file write primitive
Published: 2025-03-10
Modified: 2025-03-25
Vendor: ICONICS
CWE: CWE-73 (External Control of File Name or Path)

Risk Summary
Overall Risk: High
Exploitation: Proof-of-Concept
Detection: Medium coverage
Detection Rate: 87%
Rules Available: 2