CVE-2025-69634: Php
Cross Site Request Forgery vulnerability in Dolibarr ERP & CRM v.22.0.9 allows a remote attacker to escalate privileges via the notes field in perms.php NOTE: this is disputed by a third party who ind...
Security Advisory: Critical Privilege Escalation Vulnerability in Dolibarr ERP & CRM
Overview
A vulnerability rated critical has been reported in Dolibarr ERP & CRM version 22.0.9. The flaw is described as a Cross-Site Request Forgery (CSRF) issue that could allow an attacker to trick an authenticated administrator into unknowingly submitting a request that grants higher privileges to a user the attacker controls. The report places the issue in the notes field handled by perms.php.
Note on Dispute: A third party has disputed the exploitability of this CVE, stating that a successful attack requires an unprivileged user to already know the administrator's unique security token. That token is precisely the value an anti-CSRF mechanism exists to keep from a cross-site attacker, so they argue the precondition significantly reduces the realistic risk. However, citing the potential severity if the token could be obtained through another weakness, the initial CVSS score of 9.0 (CRITICAL) stands.
Vulnerability Explained Simply
Think of CSRF as a forgery trick. An attacker creates a malicious link or webpage. If an administrator of the Dolibarr system is logged in and is tricked into clicking that link or visiting that page, the attacker's page can silently submit a form to Dolibarr on the administrator's behalf. The browser attaches the administrator's session cookie to that request automatically, so the server sees what looks like a normal, authenticated submission. This forged request could modify user permissions, potentially giving the attacker or another account full administrative control over the ERP/CRM system. The standard defense is a secret per-session token that legitimate forms carry and the attacker's page cannot read; the dispute centers on whether the attacker can feasibly obtain that token to make the forged request valid.
Potential Impact
If successfully exploited, this vulnerability could lead to:
- Full System Compromise: An attacker could elevate any user account to administrator level.
- Data Breach: With admin access, attackers could view, steal, modify, or delete all sensitive business data within Dolibarr (customer records, financial information, etc.).
- Operational Disruption: Malicious administrators could disrupt business processes, delete critical data, or deploy ransomware.
Remediation and Mitigation Steps
Immediate action is recommended to protect your Dolibarr installation.
- Upgrade Immediately: The primary fix is to upgrade Dolibarr to the latest stable version. The Dolibarr development team has addressed this vulnerability in subsequent releases. Check the official Dolibarr website or GitHub repository for the release that addresses it before relying on this.
- Apply CSRF Protections: If an immediate upgrade is not possible, confirm that Dolibarr's anti-CSRF token setting (the MAIN_SECURITY_CSRF_WITH_TOKEN constant under Setup > Security) is enabled at its strictest level, so that every state-changing request, permission changes included, must carry a token that is validated on the server side. Verify the behaviour directly rather than assuming it: submit the permissions form with the token field removed or altered and confirm that the server rejects the request.
- Follow Principle of Least Privilege: Regularly audit user accounts and ensure administrators only use their privileged accounts for necessary tasks. Encourage the use of standard user accounts for daily browsing to limit exposure to CSRF attacks.
- User Awareness: Advise administrators to log out of the Dolibarr application when not in use and to avoid clicking on untrusted links while logged into the system.
Important: Given the dispute, organizations should assess their specific risk. However, applying the patch (upgrade) is the definitive way to resolve the vulnerability and remove any uncertainty about potential exploit paths.
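As an added example that is not Dolibarr's own code, the following Python model shows the mechanism described under "Vulnerability Explained Simply" and the server-side token check recommended under "Apply CSRF Protections". The handler names, the session and rights stores, and the request dictionaries are constructed for illustration; a real deployment would receive these values from the web server and session layer. The fourth case models the precondition the dispute points at: once the attacker already holds the victim's token, the token check no longer helps and only an Origin or SameSite-cookie check would still stop a cross-site post.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional, Set


# Constructed server-side state for the model: sessions keyed by cookie value,
# and each user's set of rights (the "permissions" a page like perms.php edits).
@dataclass
class Session:
    user: str
    is_admin: bool
    # Per-session secret that legitimate forms embed as a hidden field.
    csrf_token: str = field(default_factory=lambda: secrets.token_hex(32))


SESSIONS: Dict[str, Session] = {}
RIGHTS: Dict[str, Set[str]] = {"alice": {"admin"}, "mallory": set()}


def login(cookie: str, user: str, is_admin: bool) -> Session:
    """Create a session the way a successful login would."""
    session = Session(user, is_admin)
    SESSIONS[cookie] = session
    return session


def _grant(form: dict) -> str:
    RIGHTS.setdefault(form["user"], set()).add(form["right"])
    return "200 granted"


def vulnerable_perms_handler(request: dict) -> str:
    """Trusts the session cookie alone. Browsers attach cookies to cross-site
    form posts automatically, so any page the admin visits while logged in can
    make this request on the admin's behalf."""
    session = SESSIONS.get(request.get("cookie", ""))
    if session is None or not session.is_admin:
        return "403 forbidden"
    return _grant(request["form"])


def hardened_perms_handler(request: dict) -> str:
    """Also requires the session's secret token in the form body. A cross-site
    page cannot read that token (same-origin policy), so it cannot pass this
    check unless the token has already leaked some other way."""
    session = SESSIONS.get(request.get("cookie", ""))
    if session is None or not session.is_admin:
        return "403 forbidden"
    supplied = request["form"].get("token", "")
    # Constant-time comparison so the check itself does not leak the token.
    if not hmac.compare_digest(supplied, session.csrf_token):
        return "403 bad csrf token"
    return _grant(request["form"])


def forged_request(admin_cookie: str, token: Optional[str] = None) -> dict:
    """What an attacker-controlled page can make the admin's browser send:
    the browser supplies the Dolibarr cookie; the attacker controls only the
    form fields, and can include a token only if it was obtained elsewhere."""
    form = {"user": "mallory", "right": "admin"}
    if token is not None:
        form["token"] = token
    return {"cookie": admin_cookie, "form": form}


def demo() -> Dict[str, tuple]:
    """Run four cases; each result is (status, did mallory gain admin?)."""
    results: Dict[str, tuple] = {}
    admin_cookie = secrets.token_hex(16)          # constructed cookie value
    admin = login(admin_cookie, "alice", is_admin=True)

    def attempt(name: str, handler, request: dict) -> None:
        RIGHTS["mallory"] = set()
        status = handler(request)
        results[name] = (status, "admin" in RIGHTS["mallory"])

    # 1. Cookie-only check: the forged post succeeds.
    attempt("vulnerable", vulnerable_perms_handler, forged_request(admin_cookie))
    # 2. Token check, attacker guesses a token: the forged post is rejected.
    attempt("hardened_guess", hardened_perms_handler,
            forged_request(admin_cookie, token=secrets.token_hex(32)))
    # 3. Token check, legitimate form rendered by the app's own page: allowed.
    attempt("legitimate", hardened_perms_handler,
            {"cookie": admin_cookie,
             "form": {"user": "bob", "right": "read", "token": admin.csrf_token}})
    # 4. Token check, but the attacker already knows the token (the dispute's
    #    precondition): the token no longer protects the request.
    attempt("hardened_leaked_token", hardened_perms_handler,
            forged_request(admin_cookie, token=admin.csrf_token))
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:22s} -> {outcome}")
```

The useful check for an operator is case 2: with the token setting enabled, a replayed permissions form whose token has been altered must come back rejected, exactly as `hardened_perms_handler` does here. Case 4 is why the token alone is not the end of the story if it can leak.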