Browse all 4 CVE security advisories affecting FPT Software. AI-powered Chinese analysis, POCs, and references for each vulnerability.
FPT Software provides IT outsourcing, software development, and digital transformation services to global clients. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, as evidenced by four recorded CVEs. While no major public security incidents have been widely reported, the company's diverse service portfolio increases its attack surface. Their security posture appears typical for a large software vendor, with vulnerabilities spanning web applications and internal systems. Regular security assessments and patch management would be critical for organizations utilizing FPT Software's solutions to mitigate potential exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-3014 | Insecure direct object references (IDOR) in NightWolf Penetration Platform — NightWolf Penetration PlatformCWE-285 | 8.1 | - | 2025-03-31 |
| CVE-2025-3013 | Insecure direct object references (IDOR) in NightWolf Penetration Platform — NightWolf Penetration PlatformCWE-285 | 8.1 | - | 2025-03-31 |
| CVE-2025-31165 | Cross Site Scripting in NightWolf Penetration Platform — NightWolf Penetration PlatformCWE-79 | 6.1AI | MediumAI | 2025-03-27 |
This page lists every published CVE security advisory associated with FPT Software. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.