CVE-2025-13165 HIGH

CVE-2025-13165: Digiwin|EasyFlow GP - Denial of service

Vendor Digiwin
Product EasyFlow GP
Weakness CWE-770 · Uncontrolled resource consumption
Published November 17, 2025
Last update November 17, 2025

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

EasyFlow GP developed by Digiwin has a Denial of service vulnerability, allowing unauthenticated remote attackers to send specific requests that result in denial of web service.

Key dates

02Disclosure timeline

November 17, 2025 CVE published
November 17, 2025 Record updated