CVE-2025-41078

Published: Jan 12, 2026

Modified: Jan 12, 2026

PUBLISHED

Description

Weaknesses in the authorization mechanisms of Viafirma Documents v3.7.129 allow an authenticated user without privileges to list and access other user data, use user creation, modification, and deletion features, and escalate privileges by impersonating other users of the application in the generation and signing of documents.

Vendor	Product	Versions
Viafirma	Viafirma Documents	affected `v3.7.129`

Weaknesses (CWE)

CWE-863

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-viafirma-products

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-41078

Description

Affected Products

Weaknesses (CWE)

References