Ventem e-School Missing Authorization Vulnerability Allowing Privilege Escalation

Vulnerability

A missing authorization vulnerability has been identified in Ventem's e-School platform. This issue allows remote attackers with regular user privileges to access administrative functions. Exploitation of this vulnerability enables the creation, modification, and deletion of user accounts, as well as the escalation of any account to system administrator privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized access to administrative functions, allowing for account management and privilege escalation to system administrator level.

Remediation

Schools running the system on-premises should contact the vendor to confirm the update status, or consider restricting access to the system so that it is reachable only from the campus network.

Added: Jul 30, 2025, 4:30 AM
Updated: Jul 30, 2025, 4:30 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 5.2
remediation: 0.0
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.