Jan 2, 2026
Apache StreamPipes versions prior to 0.98.0 contain a critical flaw in which a standard user can "swap" their own username for an administrator's. Because the profile-update path performs improper validation, the system accepts the change. On the next token issuance, the identity provider mints a JWT with full administrative privileges for the hijacked username, allowing complete takeover of the IIoT platform.
A critical privilege escalation vulnerability in Apache StreamPipes allowing authenticated non-admin users to seize administrative control by exploiting a logic flaw in user identity management.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

| Product | Affected Versions | Fixed Version |
|---|---|---|
| Apache StreamPipes (Apache Software Foundation) | < 0.98.0 | 0.98.0 |

| Attribute | Detail |
|---|---|
| CVE ID | CVE-2025-47411 |
| CVSS v4.0 | 8.8 (Critical) |
| CWE | CWE-269 (Improper Privilege Management) |
| Attack Vector | Network (Authenticated) |
| Affected Versions | < 0.98.0 |
| EPSS Score | 0.00020 |
The application does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
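As an added example that is not Apache StreamPipes code, the following Python sketch shows the controls the advisory above implies: a username-change handler that refuses any name already owned by a different account, token claims bound to the immutable user id rather than the mutable username, and a check over audit-log lines for rename attempts that collide with existing (especially privileged) accounts. The `user.profile.update` log format, the user records and the role names are constructed assumptions for illustration.

```python
# Added example, not Apache StreamPipes code: a defensive username-change
# check, id-bound token claims, and an audit-log detector for the CWE-269
# pattern described above. Users, roles and log lines are constructed.
import re
from dataclasses import dataclass

PRIVILEGED_ROLES = {"ROLE_ADMIN"}  # assumed role name


@dataclass
class User:
    user_id: int       # immutable primary key; tokens should bind to this
    username: str      # mutable, user-controlled login name
    roles: frozenset


def normalize(username):
    # Collapse case and surrounding whitespace so "Admin " cannot coexist
    # with "admin" as a distinct but visually identical account.
    return username.strip().casefold()


class UserStore:
    def __init__(self, users):
        self._by_id = {u.user_id: u for u in users}

    def get(self, user_id):
        return self._by_id.get(user_id)

    def by_username(self, username):
        wanted = normalize(username)
        for u in self._by_id.values():
            if normalize(u.username) == wanted:
                return u
        return None


def validate_username_change(store, actor_id, target_id, new_username):
    """Return None when the rename is acceptable, else a rejection reason."""
    actor, target = store.get(actor_id), store.get(target_id)
    if actor is None or target is None:
        return "unknown actor or target"
    # Only the account owner or an administrator may rename an account.
    if actor_id != target_id and not (actor.roles & PRIVILEGED_ROLES):
        return "actor may not modify another user's profile"
    candidate = normalize(new_username)
    if not re.fullmatch(r"[a-z0-9][a-z0-9._-]{2,31}", candidate):
        return "username does not match the allowed pattern"
    # The check whose absence the advisory describes: a name already owned
    # by a different account must never be handed to the requester.
    holder = store.by_username(candidate)
    if holder is not None and holder.user_id != target_id:
        return "username already taken"
    return None


def token_claims(store, user_id):
    # Resolve privileges from the immutable id at issuance time, so a renamed
    # account cannot inherit another account's roles through its name.
    user = store.get(user_id)
    return {"sub": str(user.user_id),
            "preferred_username": user.username,
            "roles": sorted(user.roles)}


# Assumed audit-log format (constructed for this example).
LOG_LINE = re.compile(
    r"^(?P<ts>\S+) user\.profile\.update actor_id=(?P<actor>\d+) "
    r"target_id=(?P<target>\d+) old=(?P<old>\S+) new=(?P<new>\S+)$")


def suspicious_renames(store, log_lines):
    """Flag rename attempts whose new username collides with a different
    account. Returns a list of (timestamp, reason) tuples."""
    findings = []
    for line in log_lines:
        m = LOG_LINE.match(line.strip())
        if not m:
            continue
        holder = store.by_username(m["new"])
        if holder is not None and holder.user_id != int(m["target"]):
            kind = "privileged" if holder.roles & PRIVILEGED_ROLES else "other"
            findings.append((m["ts"], f"rename collides with {kind} account '{holder.username}'"))
    return findings


# Constructed sample data.
STORE = UserStore([
    User(1, "admin", frozenset({"ROLE_ADMIN"})),
    User(7, "alice", frozenset({"ROLE_USER"})),
    User(8, "bob", frozenset({"ROLE_USER"})),
])

SAMPLE_LOG = [
    "2026-01-02T10:00:00Z user.profile.update actor_id=7 target_id=7 old=alice new=alice2",
    "2026-01-02T10:05:00Z user.profile.update actor_id=8 target_id=8 old=bob new=Admin",
    "2026-01-02T10:06:00Z user.profile.update actor_id=8 target_id=8 old=bob new=alice",
]

if __name__ == "__main__":
    print(validate_username_change(STORE, 7, 7, "Admin"))   # username already taken
    print(validate_username_change(STORE, 7, 7, "alice2"))  # None
    print(token_claims(STORE, 7))
    for ts, reason in suspicious_renames(STORE, SAMPLE_LOG):
        print(ts, reason)
```

The two controls reinforce each other: the rename guard closes the collision, and binding the token subject to the immutable id means that even a rename which slips through cannot change which account's roles are minted into the JWT. The log check gives a retrospective signal for deployments that were exposed before upgrading to 0.98.0.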