AxxonSoft Axxon One PostgreSQL Dependency Vulnerability Allowing Privilege Escalation and Code Execution

Vulnerability

A vulnerability exists in AxxonSoft Axxon One versions 2.0.8 and earlier, on both Windows and Linux, due to a reliance on a vulnerable third-party component in the PostgreSQL backend. This flaw enables remote attackers to escalate privileges, execute arbitrary code, or cause a denial-of-service by exploiting multiple known vulnerabilities in PostgreSQL version 10.x, which have been addressed in PostgreSQL 17.4.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, execution of arbitrary code, or a denial-of-service condition.

Remediation

Users are advised to upgrade to Axxon One version 2.0.8 or later and to update PostgreSQL to version 17.4. For those using external PostgreSQL instances, it is strongly recommended to update to version 17.4 or newer.
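For external PostgreSQL instances, the remediation above amounts to a version check against 17.4. The following is an added example, not code from AxxonSoft or from this advisory: it normalises the output of `SHOW server_version_num`, `SHOW server_version` or `SELECT version()` and classifies each instance. The host names, inventory values and function names are constructed for illustration.

```python
import re
from typing import Dict, Optional

FIXED_NUM = 170004  # PostgreSQL 17.4, the version the advisory recommends


def to_version_num(raw: str) -> Optional[int]:
    """Convert any common PostgreSQL version output to server_version_num form."""
    raw = raw.strip()
    if re.fullmatch(r"\d{5,6}", raw):            # already server_version_num
        return int(raw)
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", raw)
    if not m:
        return None
    major, minor, patch = int(m[1]), int(m[2]), int(m[3] or 0)
    if major >= 10:                               # two-part scheme since 10
        return major * 10000 + minor
    return major * 10000 + minor * 100 + patch    # three-part scheme before 10


def classify(raw: str) -> str:
    """Return 'ok', 'vulnerable-10.x', 'below-17.4' or 'unknown'."""
    num = to_version_num(raw)
    if num is None:
        return "unknown"
    if num >= FIXED_NUM:                          # numeric, so 17.10 > 17.4
        return "ok"
    if num // 10000 == 10:                        # branch named in the advisory
        return "vulnerable-10.x"
    return "below-17.4"                           # older than the recommended fix


def audit(inventory: Dict[str, str]) -> Dict[str, str]:
    """Classify every host in an inventory of host -> version output."""
    return {host: classify(ver) for host, ver in inventory.items()}


# Constructed sample inventory (not real hosts or real scan output).
SAMPLE = {
    "axxon-db-01": "PostgreSQL 10.23 on x86_64-pc-linux-gnu, compiled by gcc",
    "axxon-db-02": "170004",
    "axxon-db-03": "17.4 (Debian 17.4-1.pgdg120+1)",
    "axxon-db-04": "170003",
    "axxon-db-05": "connection refused",
}

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```

Hosts reported as `unknown` were not verified and should be checked by hand rather than treated as compliant.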

Added: Sep 10, 2025, 1:18 PM
Updated: Sep 10, 2025, 1:18 PM

Vulnerability Rating

Custom Algorithm
spread: 8.1
impact: 7.5
exploitability: 7.0
remediation: 7.7
relevance: 0.5
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.