CVE-2025-5717: 
WSO2 API Manager vulnerability analysis and mitigation

An authenticated remote code execution (RCE) vulnerability exists in multiple WSO2 products, identified as CVE-2025-5717, discovered and disclosed on September 23, 2025. The vulnerability affects the event processor admin service in WSO2 products and requires administrative access to the SOAP admin services for exploitation (NVD).

The vulnerability stems from improper input validation in the event processor admin service. The flaw allows a user with administrative access to the SOAP admin services to deploy a Siddhi execution plan containing malicious Java code, which can result in arbitrary code execution on the server. The vulnerability has been assigned a CVSS v3.1 base score of 6.7 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L, and is classified as CWE-94 (Improper Control of Generation of Code) (NVD).

If successfully exploited, this vulnerability allows an authenticated attacker with administrative privileges to execute arbitrary code on the affected server. The impact is somewhat limited by the requirement of administrative privileges, but could still lead to significant system compromise within the scope of the authenticated user's access (NVD).

For mitigation details, organizations should refer to the official WSO2 security advisory and implement the recommended patches or updates. The specific fix details can be found in the WSO2 security documentation (WSO2 Advisory).