Is CVE-2025-34143 in the CISA KEV catalog?

No. CVE-2025-34143 is not currently on the CISA Known Exploited Vulnerabilities list.

What is the EPSS score for CVE-2025-34143?

CVE-2025-34143 has an EPSS score of 29.64% (98th percentile), estimating the probability of exploitation in the next 30 days.

CVE & CISA-KEV Catalog

CVE-2025-34143

UNSCOREDEPSS 98th pctl

NVD

Description

An authentication bypass vulnerability exists in ETQ Reliance on the CG (legacy) platform. The application allowed login as the privileged internal SYSTEM user by manipulating the username field. The SYSTEM account does not require a password, enabling attackers with network access to the login page to obtain elevated access. Once authenticated, an attacker could achieve remote code execution by modifying Jython scripts within the application. This issue was resolved by introducing stricter validation logic to exclude internal accounts from public authentication workflows in version MP-4583.

CWE-78OS Command Injection CWE-269Improper Privilege Management CWE-288

CVSS v3.1 Vector

No CVSS vector data available.

Exploit Intelligence

29.64%probability of exploitation in 30 days

98thpercentile

Very high risk: more likely to be exploited than 98% of all known CVEs.

References

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-11-04.