Hexagon ETQ

A significant vulnerability in ETQ Reliance quality management software allows attackers to gain full administrative access by simply adding a single space character to a login attempt. This flaw, tracked as CVE-2025-34143, enables complete system takeover and remote code execution, posing a critical risk to organizations using the software. The vulnerability was discovered during a routine security assessment and stems from inconsistent string handling in the application's authentication logic. The issue has been addressed in NXG Release 2025.1.2, and organizations are urged to update immediately to prevent potential exploitation.

Source: https://cybersecuritynews.com/etq-reliance-rce-vulnerability/

TPRM report: https://scoringcyber.rankiteo.com/company/etq

"id": "etq953072325",
"linkid": "etq",
"type": "Vulnerability",
"date": "7/2025",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'industry': 'Quality Management',
                        'name': 'ETQ Reliance',
                        'type': 'Software'}],
 'attack_vector': 'Authentication Bypass, Remote Code Execution',
 'description': 'A significant vulnerability in ETQ Reliance quality '
                'management software allows attackers to gain full '
                'administrative access by simply adding a single space '
                'character to a login attempt. The flaw, tracked as '
                'CVE-2025-34143, represents one of the most unusual '
                'authentication bypass vulnerabilities discovered in '
                'enterprise software, requiring no sophisticated techniques, '
                'just typing “SYSTEM ” (with a trailing space) in the username '
                'field along with any password grants complete system access.',
 'impact': {'systems_affected': 'ETQ Reliance quality management software'},
 'post_incident_analysis': {'root_causes': 'Inconsistent string handling in '
                                           'the application’s authentication '
                                           'logic'},
 'recommendations': ['Immediately update to NXG Release 2025.1.2 to prevent '
                     'potential exploitation of these critical security '
                     'flaws.'],
 'references': [{'source': 'ANY.RUN'}],
 'response': {'remediation_measures': ['Update to NXG Release 2025.1.2']},
 'title': 'ETQ Reliance Authentication Bypass and RCE Vulnerability',
 'type': 'Vulnerability Exploitation',
 'vulnerability_exploited': ['CVE-2025-34143',
                             'CVE-2025-34141',
                             'CVE-2025-34142',
                             'CVE-2025-34140']}