PatchSiren


CVE-2025-0352 Rapid Response Monitoring CVE debrief

CVE-2025-0352 is a high-severity information-disclosure issue affecting Rapid Response Monitoring’s My Security Account App API. According to the CISA advisory, an attacker could modify request data in a way that might cause the API to return information about other users. CISA also states the issue was patched by the vendor and that no action is required by users.

Vendor: Rapid Response Monitoring
Product: My Security Account App API
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-02-20
Original CVE updated: 2025-02-20
Advisory published: 2025-02-20
Advisory updated: 2025-02-20

Who should care

Rapid Response Monitoring customers and administrators, teams responsible for the My Security Account App API, and security staff monitoring API access and data exposure risk should review this advisory. Because the vendor says the issue has already been patched, the main concern is confirming the service is on the corrected version and that no residual exposure remains.

Technical summary

The advisory describes an API behavior issue in Rapid Response Monitoring’s My Security Account App API where manipulated request data could lead the API to return information belonging to other users. The supplied CVSS vector indicates network exploitation, no privileges required, no user interaction, and high confidentiality impact (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). The source advisory does not provide further exploit details, and it states the issue was patched on the vendor side.

Defensive priority

High. The issue is rated 7.5/High and involves potential exposure of other users’ information. Even though CISA’s advisory says the vendor patched the problem and no user action is required, organizations should still verify service status and monitor for unusual API access patterns.

Recommended defensive actions

  • Confirm the My Security Account App API is running the vendor-patched version or service state described in the advisory.
  • Review API access logs for unusual request patterns or unexpected cross-user data access attempts.
  • If you integrate with this API, validate that client applications do not rely on any unsafe assumptions about request scoping or identity handling.
  • Follow the vendor contact path listed in the advisory if you need confirmation of remediation status.
  • Track the CISA advisory and CVE record for any future updates or revisions.
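
One way to carry out the log review in the second action above, as an added example that is not taken from the CISA advisory or from the vendor. The JSON-lines format, the field names (src_ip, auth_account, req_account, status), the thresholds and the sample entries are all assumptions constructed for illustration; the advisory does not describe the API's log schema.

```python
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample access log (JSON lines). The field names are assumptions
# for illustration, not the vendor's actual log schema.
SAMPLE_LOG = """\
{"ts":"2025-02-01T10:00:00","src_ip":"198.51.100.7","auth_account":"A100","req_account":"A100","status":200}
{"ts":"2025-02-01T10:00:05","src_ip":"203.0.113.9","auth_account":"A200","req_account":"A201","status":200}
{"ts":"2025-02-01T10:00:09","src_ip":"203.0.113.9","auth_account":"A200","req_account":"A202","status":403}
{"ts":"2025-02-01T10:01:00","src_ip":"192.0.2.50","auth_account":null,"req_account":"A300","status":200}
{"ts":"2025-02-01T10:01:02","src_ip":"192.0.2.50","auth_account":null,"req_account":"A301","status":200}
{"ts":"2025-02-01T10:01:04","src_ip":"192.0.2.50","auth_account":null,"req_account":"A302","status":404}
{"ts":"2025-02-01T10:01:06","src_ip":"192.0.2.50","auth_account":null,"req_account":"A303","status":200}
{"ts":"2025-02-01T10:30:00","src_ip":"198.51.100.7","auth_account":"A100","req_account":"A100","status":200}
"""

def parse_events(text):
    """Parse JSON-lines text into events sorted by time; skip malformed lines."""
    events = []
    for line in text.splitlines():
        try:
            e = json.loads(line)
            e["ts"] = datetime.fromisoformat(e["ts"])
            events.append(e)
        except (ValueError, KeyError, TypeError):
            continue
    return sorted(events, key=lambda e: e["ts"])

def find_cross_user_access(events, max_accounts=3, window=timedelta(minutes=5)):
    """Return (mismatches, enumerators).
    mismatches: events whose authenticated account differs from the requested one.
    enumerators: {src_ip: peak distinct accounts requested inside `window`},
    only for clients that exceeded max_accounts."""
    mismatches, enumerators = [], {}
    recent = defaultdict(deque)  # src_ip -> (ts, req_account) pairs still in window
    for e in events:
        if e.get("auth_account") and e["auth_account"] != e.get("req_account"):
            mismatches.append(e)
        q = recent[e.get("src_ip")]
        q.append((e["ts"], e.get("req_account")))
        while e["ts"] - q[0][0] > window:  # drop entries older than the window
            q.popleft()
        distinct = len({acct for _, acct in q})
        if distinct > max_accounts:
            ip = e.get("src_ip")
            enumerators[ip] = max(distinct, enumerators.get(ip, 0))
    return mismatches, enumerators
```

The per-client threshold and window need tuning against normal traffic, since many legitimate users can share one source address behind a NAT or proxy.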

Evidence notes

The source corpus is CISA’s CSAF advisory ICSA-25-051-05 for CVE-2025-0352, published 2025-02-20, which states: “Rapid Response Monitoring reports that this issue was patched on their end and no action is required by users.” The advisory’s description says the API could be exploited by an attacker to modify request data, potentially causing the API to return information about other users. The CVSS vector provided in the source is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Official resources

Publicly disclosed by CISA on 2025-02-20 in CSAF advisory ICSA-25-051-05; the advisory states the vendor had already patched the issue and no user action was required at publication time.