About the Vulnerability
Introduction
The Apache Tomcat software is an open-source implementation of the Jakarta Servlet, Jakarta Server Pages, Jakarta Expression Language, Jakarta WebSocket, Jakarta Annotations, and Jakarta Authentication specifications. These specifications are part of the Jakarta EE platform.
Summary
On March 11, 2025, Sangfor FarSight Labs received notification that an Apache-Tomcat component contains information of code execution vulnerability(CVE-2025-24813), classified as high in threat level.
Tomcat contains a critical code execution vulnerability that could be exploited by unauthorized attackers to execute remote code, disclose sensitive information, or corrupt data.
Affected Versions
9.0.0.M1 ≤ Apache Tomcat ≤ 9.0.98
10.1.0-M1 ≤ Apache Tomcat ≤ 10.1.34
11.0.0-M1 ≤ Apache Tomcat ≤ 11.0.2
Solutions
Remediation Solutions
Check the System Version
In the Windows system, execute this command: ./version.bat in the bin directory to view the Tomcat version.

Official Solution
The latest version has been officially released to fix the vulnerability. Affected users are advised to update the version of Tomcat to the following versions:
Apache Tomcat 11.0.3 or versions above
Apache Tomcat 10.1.35 or versions above
Apache Tomcat 9.0.99 or versions above
Download link: https://tomcat.apache.org/security-11.html
Sangfor Solutions
Risky Assets Detection
Support is provided for proactive detection of Apache-Tomcat; and it is capable of quickly batch identifying the affected asset conditions of this event in business scenarios. Related product is as follows:
[Sangfor aES] has released a detection scheme, with Fingerprint ID: 0006642.
Vulnerability Proactive Detection
Support is provided for proactive detection of Apache Tomcat Remote Code Execution Vulnerability(CVE-2025-24813); and it is capable of quickly batch identifying whether there are vulnerability risks in business scenarios. Related products are as follows:
[Sangfor Cyber Guardian MDR] is expected to release a detection scheme on March 16, 2025, with Rule ID: SF-20005-21041.
[Sangfor Omni-Command XDR] is expected to release a detection scheme on March 16, 2025, with Rule ID: SF-0005-21040.
Timeline
On March 11, 2025, Sangfor FarSight Labs received notification of Apache Tomcat Remote Code Execution Vulnerability.
On March 11, 2025, Sangfor FarSight Labs released a vulnerability alert.
Reference