CWE-250
Execution with Unnecessary Privileges
The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
CVE-2024-8903 (GCVE-0-2024-8903)
Vulnerability from cvelistv5 – Published: 2024-09-23 08:57 – Updated: 2024-09-23 15:37
VLAI
Summary
Local active protection service settings manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows, macOS) before build 38565.
Severity
4.7 (Medium)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security-advisory.acronis.com/advisories/… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Acronis | Acronis Cyber Protect Cloud Agent |
Affected:
unspecified , < 38565
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8903",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-23T15:36:51.704305Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-23T15:37:00.561Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"macOS"
],
"product": "Acronis Cyber Protect Cloud Agent",
"vendor": "Acronis",
"versions": [
{
"lessThan": "38565",
"status": "affected",
"version": "unspecified",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Local active protection service settings manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows, macOS) before build 38565."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-23T08:57:16.328Z",
"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
"shortName": "Acronis"
},
"references": [
{
"name": "SEC-7510",
"tags": [
"vendor-advisory"
],
"url": "https://security-advisory.acronis.com/advisories/SEC-7510"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
"assignerShortName": "Acronis",
"cveId": "CVE-2024-8903",
"datePublished": "2024-09-23T08:57:16.328Z",
"dateReserved": "2024-09-16T19:52:34.008Z",
"dateUpdated": "2024-09-23T15:37:00.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9473 (GCVE-0-2024-9473)
Vulnerability from cvelistv5 – Published: 2024-10-09 17:07 – Updated: 2024-10-18 11:59
VLAI
Title
GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
Summary
A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect.
Severity
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2024-9473 | vendor-advisory |
| https://sec-consult.com/vulnerability-lab/advisor… | third-party-advisoryexploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | GlobalProtect App |
Affected:
5.1
Affected: 6.0 Affected: 6.1 Affected: 6.2.0 , < 6.2.5 (custom) Affected: 6.3 cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.4:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.1:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.4:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.1:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.12:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.11:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.10:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.9:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.8:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.5:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.4:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.1:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1:-:*:*:*:*:*:* |
Date Public
2024-10-09 16:00
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:globalprotect:5.1.0:*:*:*:*:windows:*:*"
],
"defaultStatus": "unaffected",
"product": "globalprotect",
"vendor": "paloaltonetworks",
"versions": [
{
"status": "affected",
"version": "5.1.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:globalprotect:6.0.0:*:*:*:*:windows:*:*"
],
"defaultStatus": "unaffected",
"product": "globalprotect",
"vendor": "paloaltonetworks",
"versions": [
{
"status": "affected",
"version": "6.0.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:globalprotect:6.1.0:*:*:*:*:windows:*:*"
],
"defaultStatus": "unaffected",
"product": "globalprotect",
"vendor": "paloaltonetworks",
"versions": [
{
"status": "affected",
"version": "6.1.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:globalprotect:6.3.0:*:*:*:*:windows:*:*"
],
"defaultStatus": "unaffected",
"product": "globalprotect",
"vendor": "paloaltonetworks",
"versions": [
{
"status": "affected",
"version": "6.3.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "unaffected",
"product": "globalprotect",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "6.2.5",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9473",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T12:53:19.159087Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T13:00:52.468Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-10-10T06:03:45.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Oct/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.4:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.1:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.4:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.1:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.12:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.11:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.10:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.9:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.8:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.5:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.4:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.1:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "GlobalProtect App",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1"
},
{
"changes": [
{
"at": "6.2.5",
"status": "unaffected"
}
],
"lessThan": "6.2.5",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Baer of SEC Consult Vulnerability Lab"
},
{
"lang": "en",
"type": "finder",
"value": "Marc Barrantes of KPMG Spain"
}
],
"datePublic": "2024-10-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect."
}
],
"value": "A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. However, a proof of concept for this issue is publicly available.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. However, a proof of concept for this issue is publicly available."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/AU:N/R:U/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T11:59:17.267Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-9473"
},
{
"tags": [
"third-party-advisory",
"exploit"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-palo-alto-networks-globalprotect/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in GlobalProtect app 6.2.5, and will be fixed in the remaining supported versions of GlobalProtect app listed in the Product Status section. Updates will be published to this advisory as they become available.\u003cbr\u003e\u003cbr\u003eCustomers who want to upgrade should reach out to customer support at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com\"\u003ehttps://support.paloaltonetworks.com\u003c/a\u003e.\u003cbr\u003e"
}
],
"value": "This issue is fixed in GlobalProtect app 6.2.5, and will be fixed in the remaining supported versions of GlobalProtect app listed in the Product Status section. Updates will be published to this advisory as they become available.\n\nCustomers who want to upgrade should reach out to customer support at https://support.paloaltonetworks.com ."
}
],
"source": {
"defect": [
"GPC-19493",
"GPC-21211"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-10-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "GlobalProtect App: Local Privilege Escalation (PE) Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-9473",
"datePublished": "2024-10-09T17:07:00.981Z",
"dateReserved": "2024-10-03T11:35:19.552Z",
"dateUpdated": "2024-10-18T11:59:17.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0120 (GCVE-0-2025-0120)
Vulnerability from cvelistv5 – Published: 2025-04-11 01:44 – Updated: 2025-05-02 19:08
VLAI
Title
GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
Summary
A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local user can also successfully exploit a race condition, which makes this vulnerability difficult to exploit.
Severity
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2025-0120 | vendor-advisory |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | GlobalProtect App |
Affected:
6.3.0 , < 6.3.3
(custom)
Affected: 6.2.0 , < 6.2.8 (custom) Affected: 6.1.0 (custom) Affected: 6.0.0 (custom) cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:* |
|
| Palo Alto Networks | GlobalProtect App |
Unaffected:
All
(custom)
cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.7:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.6:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:* |
|
| Palo Alto Networks | GlobalProtect UWP App |
Unaffected:
All
(custom)
|
Date Public
2025-04-09 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0120",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-11T15:47:44.551607Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-11T16:02:44.112Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "GlobalProtect App",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "6.3.3",
"status": "unaffected"
}
],
"lessThan": "6.3.3",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.2.8",
"status": "unaffected"
},
{
"at": "6.2.7-1077",
"status": "unaffected"
}
],
"lessThan": "6.2.8",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.7:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.6:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"platforms": [
"macOS",
"Linux",
"iOS",
"Android",
"Chrome OS"
],
"product": "GlobalProtect App",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GlobalProtect UWP App",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Maxime ESCOURBIAC, Michelin CERT"
},
{
"lang": "en",
"type": "finder",
"value": "Yassine BENGANA, Abicom for Michelin CERT"
}
],
"datePublic": "2025-04-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect\u2122 app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\\SYSTEM. However, execution requires that the local user can also successfully exploit a race condition, which makes this vulnerability difficult to exploit."
}
],
"value": "A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect\u2122 app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\\SYSTEM. However, execution requires that the local user can also successfully exploit a race condition, which makes this vulnerability difficult to exploit."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/AU:N/R:U/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "A local Windows user (or malware) with non-administrative rights elevates their privileges to NT AUTHORITY/SYSTEM."
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-02T19:08:27.987Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-0120"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.3 on Windows\u003c/td\u003e\u003ctd\u003eUpgrade to 6.3.3 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.2 on Windows\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.7-1077 or 6.2.8 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.1 on Windows\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8 or later or upgrade to 6.3.3 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on Windows\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8 or later or upgrade to 6.3.3 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on macOS\u003c/td\u003e\u003ctd\u003eNo action needed\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Linux\u003c/td\u003e\u003ctd\u003eNo action needed\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on iOS\u003c/td\u003e\u003ctd\u003eNo action needed\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Android\u003c/td\u003e\u003ctd\u003eNo action needed\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect UWP App\u003c/td\u003e\u003ctd\u003eNo action needed\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
}
],
"value": "Version\nSuggested Solution\nGlobalProtect App 6.3 on WindowsUpgrade to 6.3.3 or laterGlobalProtect App 6.2 on Windows\nUpgrade to 6.2.7-1077 or 6.2.8 or later\nGlobalProtect App 6.1 on Windows\nUpgrade to 6.2.8 or later or upgrade to 6.3.3 or later\nGlobalProtect App 6.0 on Windows\nUpgrade to 6.2.8 or later or upgrade to 6.3.3 or later\nGlobalProtect App on macOSNo action neededGlobalProtect App on LinuxNo action neededGlobalProtect App on iOSNo action neededGlobalProtect App on AndroidNo action neededGlobalProtect UWP AppNo action needed"
}
],
"source": {
"defect": [
"GPC-19862",
"GPC-19858"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-04-09T16:00:00.000Z",
"value": "Initial Publication"
},
{
"lang": "en",
"time": "2025-05-02T19:00:00.000Z",
"value": "Updated the fix version for 6.2.7"
}
],
"title": "GlobalProtect App: Local Privilege Escalation (PE) Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No workaround or mitigation is available."
}
],
"value": "No workaround or mitigation is available."
}
],
"x_affectedList": [
"GlobalProtect App 6.3.2",
"GlobalProtect App 6.3.1",
"GlobalProtect App 6.3.0",
"GlobalProtect App 6.3",
"GlobalProtect App 6.2.7",
"GlobalProtect App 6.2.6",
"GlobalProtect App 6.2.4",
"GlobalProtect App 6.2.3",
"GlobalProtect App 6.2.2",
"GlobalProtect App 6.2.1",
"GlobalProtect App 6.2.0",
"GlobalProtect App 6.2"
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0120",
"datePublished": "2025-04-11T01:44:48.253Z",
"dateReserved": "2024-12-20T23:23:21.499Z",
"dateUpdated": "2025-05-02T19:08:27.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0921 (GCVE-0-2025-0921)
Vulnerability from cvelistv5 – Published: 2025-05-15 22:36 – Updated: 2026-04-13 23:06
VLAI
Title
Information Tampering Vulnerability in Multiple Services of GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, IoTWorX, MC Works64, GENESIS, GENESIS32, and BizViz
Summary
Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric AnalytiX versions 10.97.3 and prior, Mitsubishi Electric IoTWorX version 10.95, Mitsubishi Electric GENESIS32 all versions, Mitsubishi Electric BizViz all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric GENESIS versions 11.00, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions AnalytiX versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions IoTWorX version 10.95, Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions, Mitsubishi Electric Iconics Digital Solutions BizViz all versions, and Mitsubishi Electric Iconics Digital Solutions GENESIS versions 11.00 allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the services of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC.
Severity
6.5 (Medium)
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.mitsubishielectric.com/psirt/vulnerab… | vendor-advisory |
| https://jvn.jp/vu/JVNVU93838985 | government-resource |
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
Impacted products
19 products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0921",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-16T13:21:49.388730Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T13:21:55.251Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GENESIS64",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICONICS Suite",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MobileHMI",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Hyper Historian",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AnalytiX",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IoTWorX",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "version 10.95"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS32",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BizViz",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC Works64",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "version 11.00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS64",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICONICS Suite",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MobileHMI",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Hyper Historian",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AnalytiX",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "versions 10.97.3 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IoTWorX",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "version 10.95"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS32",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BizViz",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GENESIS",
"vendor": "Mitsubishi Electric Iconics Digital Solutions",
"versions": [
{
"status": "affected",
"version": "version 11.00"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Asher Davila from Palo Alto Networks"
},
{
"lang": "en",
"type": "finder",
"value": "Malav Vyas from Palo Alto Networks"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric AnalytiX versions 10.97.3 and prior, Mitsubishi Electric IoTWorX version 10.95, Mitsubishi Electric GENESIS32 all versions, Mitsubishi Electric BizViz all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric GENESIS versions 11.00, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions AnalytiX versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions IoTWorX version 10.95, Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions, Mitsubishi Electric Iconics Digital Solutions BizViz all versions, and Mitsubishi Electric Iconics Digital Solutions GENESIS versions 11.00 allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the services of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC."
}
],
"value": "Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric AnalytiX versions 10.97.3 and prior, Mitsubishi Electric IoTWorX version 10.95, Mitsubishi Electric GENESIS32 all versions, Mitsubishi Electric BizViz all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric GENESIS versions 11.00, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions AnalytiX versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions IoTWorX version 10.95, Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions, Mitsubishi Electric Iconics Digital Solutions BizViz all versions, and Mitsubishi Electric Iconics Digital Solutions GENESIS versions 11.00 allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the services of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information Tampering"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T23:06:00.161Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-002_en.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU93838985"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-140-04"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information Tampering Vulnerability in Multiple Services of GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, IoTWorX, MC Works64, GENESIS, GENESIS32, and BizViz",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2025-0921",
"datePublished": "2025-05-15T22:36:37.902Z",
"dateReserved": "2025-01-31T01:50:57.976Z",
"dateUpdated": "2026-04-13T23:06:00.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10885 (GCVE-0-2025-10885)
Vulnerability from cvelistv5 – Published: 2025-11-06 17:01 – Updated: 2026-02-26 17:47
VLAI
Title
Privilege Escalation Vulnerability
Summary
A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation to NT AUTHORITY/SYSTEM due to an insufficient validation of loaded binaries. An attacker with local and low-privilege access could exploit this to execute code as SYSTEM.
Severity
7.8 (High)
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://emsfs.autodesk.com/utility/odis/1/install… | patch |
| https://www.autodesk.com/trust/security-advisorie… | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10885",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-08T04:55:19.451911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:47:10.529Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:installer:2.18:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Installer",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2.19",
"status": "affected",
"version": "2.18",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted file, when executed on the victim\u0027s machine, can lead to privilege escalation to NT AUTHORITY/SYSTEM due to an insufficient validation of loaded binaries. An attacker with local and low-privilege access could exploit this to execute code as SYSTEM.\u003cbr\u003e"
}
],
"value": "A maliciously crafted file, when executed on the victim\u0027s machine, can lead to privilege escalation to NT AUTHORITY/SYSTEM due to an insufficient validation of loaded binaries. An attacker with local and low-privilege access could exploit this to execute code as SYSTEM."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T17:58:04.357Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://emsfs.autodesk.com/utility/odis/1/installer/latest/AdODIS-installer.exe"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0022"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Privilege Escalation Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2025-10885",
"datePublished": "2025-11-06T17:01:19.327Z",
"dateReserved": "2025-09-23T15:29:52.416Z",
"dateUpdated": "2026-02-26T17:47:10.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1137 (GCVE-0-2025-1137)
Vulnerability from cvelistv5 – Published: 2025-05-10 01:56 – Updated: 2026-02-26 18:28
VLAI
Title
IBM Storage Scale command injection
Summary
IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization.
Severity
7.5 (High)
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7233085 | vendor-advisorypatch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Storage Scale |
Affected:
5.2.2.0
Affected: 5.2.2.1 cpe:2.3:a:ibm:spectrum_scale_container_native_storage_access:5.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:spectrum_scale_container_native_storage_access:5.2.1.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1137",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-13T03:55:55.420944Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:28:40.731Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:spectrum_scale_container_native_storage_access:5.2.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:spectrum_scale_container_native_storage_access:5.2.1.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Storage Scale",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.2.2.0"
},
{
"status": "affected",
"version": "5.2.2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization."
}
],
"value": "IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T15:33:16.069Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7233085"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Storage Scale 5.2.2.0-5.2.2.1, IBM strongly recommends addressing the vulnerability by upgrading to 5.2.3.0 or later:\u003cbr\u003e\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage\u0026amp;product=ibm/StorageSoftware/IBM+Storage+Scale\u0026amp;release=5.2.3\u0026amp;platform=All\u0026amp;function=all\"\u003ehttps://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage\u0026amp;produ...\u003c/a\u003e"
}
],
"value": "Storage Scale 5.2.2.0-5.2.2.1, IBM strongly recommends addressing the vulnerability by upgrading to 5.2.3.0 or later:\n\n https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage\u0026produ... https://www.ibm.com/support/fixcentral/swg/selectFixes"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Storage Scale command injection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-1137",
"datePublished": "2025-05-10T01:56:23.135Z",
"dateReserved": "2025-02-08T20:16:19.164Z",
"dateUpdated": "2026-02-26T18:28:40.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12420 (GCVE-0-2025-12420)
Vulnerability from cvelistv5 – Published: 2026-01-12 21:29 – Updated: 2026-02-26 15:04
VLAI
Title
Unauthenticated Privilege Escalation in ServiceNow AI Platform
Summary
A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform.
ServiceNow has addressed this vulnerability by deploying a relevant security update to hosted instances in October 2025. Security updates have also been provided to ServiceNow self-hosted customers, partners, and hosted customers with unique configurations. Additionally, the vulnerability is addressed in the listed Store App versions. We recommend that customers promptly apply an appropriate security update or upgrade if they have not already done so.
Severity
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.servicenow.com/kb?id=kb_article_v… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ServiceNow | Now Assist AI Agents |
Affected:
5.0.26 , ≤ 5.1.17
(semver)
Affected: 5.0.26 , ≤ 5.2.18 (semver) |
|
| ServiceNow | Virtual Agent API |
Affected:
0 , < 3.15.2
(semver)
Affected: 0 , < 4.0.4 (semver) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12420",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-14T04:57:14.352249Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:50.165Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Assist AI Agents",
"vendor": "ServiceNow",
"versions": [
{
"lessThanOrEqual": "5.1.17",
"status": "affected",
"version": "5.0.26",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.2.18",
"status": "affected",
"version": "5.0.26",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Virtual Agent API",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "3.15.2",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "4.0.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Aaron Costello \u2013 AppOmni"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cp\u003eA vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform.\u003c/p\u003e\u003cp\u003eServiceNow has addressed this vulnerability by deploying a relevant security update to \u0026nbsp;hosted instances in October 2025. Security updates have also been provided to ServiceNow self-hosted customers, partners, and hosted customers with unique configurations. Additionally, the vulnerability is addressed in the listed Store App versions. We recommend that customers promptly apply an appropriate security update or upgrade if they have not already done so.\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e"
}
],
"value": "A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform.\n\nServiceNow has addressed this vulnerability by deploying a relevant security update to \u00a0hosted instances in October 2025. Security updates have also been provided to ServiceNow self-hosted customers, partners, and hosted customers with unique configurations. Additionally, the vulnerability is addressed in the listed Store App versions. We recommend that customers promptly apply an appropriate security update or upgrade if they have not already done so."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "PROOF_OF_CONCEPT",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/S:N/AU:Y/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250: Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:36:53.575Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB2587329"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthenticated Privilege Escalation in ServiceNow AI Platform",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2025-12420",
"datePublished": "2026-01-12T21:29:37.421Z",
"dateReserved": "2025-10-28T16:31:46.125Z",
"dateUpdated": "2026-02-26T15:04:50.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12690 (GCVE-0-2025-12690)
Vulnerability from cvelistv5 – Published: 2026-03-11 15:36 – Updated: 2026-03-11 16:10
VLAI
Title
Local Privilege Escalation in NGFW Engine
Summary
Execution with unnecessary privileges in Forcepoint NGFW Engine allows local privilege escalation.This issue affects NGFW Engine through 6.10.19, through 7.3.0, through 7.2.4, through 7.1.10.
Severity
CWE
- CWE-250 - Execution with unnecessary privileges
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Forcepoint | NGFW Engine |
Affected:
0 , ≤ 6.10.19
(semver)
Affected: 0 , ≤ 7.3.0 (semver) Affected: 0 , ≤ 7.2.4 (semver) Affected: 0 , ≤ 7.1.10 (semver) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12690",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T16:10:07.438779Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T16:10:28.588Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "NGFW Engine",
"vendor": "Forcepoint",
"versions": [
{
"lessThanOrEqual": "6.10.19",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.3.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.1.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Francesco Caserta, Andrea Lomuscio and Alessandro Ruggieri of the Italian National Cybersecurity Agency"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Execution with unnecessary privileges in Forcepoint NGFW Engine allows local privilege escalation.\u003cp\u003eThis issue affects NGFW Engine through 6.10.19,\u0026nbsp;through 7.3.0, through 7.2.4, through 7.1.10.\u003c/p\u003e"
}
],
"value": "Execution with unnecessary privileges in Forcepoint NGFW Engine allows local privilege escalation.This issue affects NGFW Engine through 6.10.19,\u00a0through 7.3.0, through 7.2.4, through 7.1.10."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
},
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with unnecessary privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T15:36:32.755Z",
"orgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2",
"shortName": "forcepoint"
},
"references": [
{
"url": "https://support.forcepoint.com/s/article/Security-Advisory-Local-Privilege-Escalation-in-NGFW-Engine"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eUpgrade to versions 6.10.20, 7.1.11, 7.2.5 and 7.3.1.\u003c/span\u003e"
}
],
"value": "Upgrade to versions 6.10.20, 7.1.11, 7.2.5 and 7.3.1."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Local Privilege Escalation in NGFW Engine",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2",
"assignerShortName": "forcepoint",
"cveId": "CVE-2025-12690",
"datePublished": "2026-03-11T15:36:32.755Z",
"dateReserved": "2025-11-04T10:07:46.152Z",
"dateUpdated": "2026-03-11T16:10:28.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13375 (GCVE-0-2025-13375)
Vulnerability from cvelistv5 – Published: 2026-02-04 20:31 – Updated: 2026-02-06 19:24
VLAI
Title
IBM Common Cryptographic Architecture Arbitrary Command Execution
Summary
IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system.
Severity
9.8 (Critical)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7259625 | vendor-advisorypatch |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Common Cryptographic Architecture |
Affected:
7.5.52
(semver)
Affected: 8.4.82 (semver) cpe:2.3:a:ibm:common_cryptographic_architecture:7.5.52:*:*:*:*:linux:x86:* cpe:2.3:a:ibm:common_cryptographic_architecture:7.5.52:*:*:*:*:aix:*:* cpe:2.3:a:ibm:common_cryptographic_architecture:7.5.52:*:*:*:*:ibm_i:*:* cpe:2.3:a:ibm:common_cryptographic_architecture:7.5.52:*:*:*:*:powerlinux:*:* cpe:2.3:a:ibm:common_cryptographic_architecture:8.4.82:*:*:*:*:linux:x86:* cpe:2.3:a:ibm:common_cryptographic_architecture:8.4.82:*:*:*:*:aix:*:* cpe:2.3:a:ibm:common_cryptographic_architecture:8.4.82:*:*:*:*:ibm_i:*:* cpe:2.3:a:ibm:common_cryptographic_architecture:8.4.82:*:*:*:*:powerlinux:*:* |
|
| IBM | IBM 4769 Developers Toolkit |
Affected:
7.5.52
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13375",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-06T19:23:54.508016Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-06T19:24:03.660Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:common_cryptographic_architecture:7.5.52:*:*:*:*:linux:x86:*",
"cpe:2.3:a:ibm:common_cryptographic_architecture:7.5.52:*:*:*:*:aix:*:*",
"cpe:2.3:a:ibm:common_cryptographic_architecture:7.5.52:*:*:*:*:ibm_i:*:*",
"cpe:2.3:a:ibm:common_cryptographic_architecture:7.5.52:*:*:*:*:powerlinux:*:*",
"cpe:2.3:a:ibm:common_cryptographic_architecture:8.4.82:*:*:*:*:linux:x86:*",
"cpe:2.3:a:ibm:common_cryptographic_architecture:8.4.82:*:*:*:*:aix:*:*",
"cpe:2.3:a:ibm:common_cryptographic_architecture:8.4.82:*:*:*:*:ibm_i:*:*",
"cpe:2.3:a:ibm:common_cryptographic_architecture:8.4.82:*:*:*:*:powerlinux:*:*"
],
"defaultStatus": "unaffected",
"platforms": [
"Linux x86",
"IBM AIX",
"IBM i",
"IBM PowerLinux"
],
"product": "Common Cryptographic Architecture",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5.52",
"versionType": "semver"
},
{
"status": "affected",
"version": "8.4.82",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IBM 4769 Developers Toolkit",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.5.52"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Common Cryptographic Architecture (CCA)\u0026nbsp;7.5.52 and\u0026nbsp;8.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system."
}
],
"value": "IBM Common Cryptographic Architecture (CCA)\u00a07.5.52 and\u00a08.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T20:46:57.901Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7259625"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cstrong\u003eIBM strongly recommends addressing the vulnerability now by upgrading:\u003c/strong\u003e\u0026nbsp;\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cstrong\u003eProduct(s)\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eFixed Version(s)\u003c/strong\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eCCA 7 MTM for 4769\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e7.5.53\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eCCA 8 MTM for 4770\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e8.4.84\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM 4769 Developers Toolkit\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e7.5.53\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "IBM strongly recommends addressing the vulnerability now by upgrading:\u00a0\n\nProduct(s)Fixed Version(s)CCA 7 MTM for 4769\n\n7.5.53\n\nCCA 8 MTM for 4770\n\n8.4.84\n\nIBM 4769 Developers Toolkit\n\n7.5.53"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Common Cryptographic Architecture Arbitrary Command Execution",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-13375",
"datePublished": "2026-02-04T20:31:13.398Z",
"dateReserved": "2025-11-18T19:19:10.873Z",
"dateUpdated": "2026-02-06T19:24:03.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13506 (GCVE-0-2025-13506)
Vulnerability from cvelistv5 – Published: 2025-12-12 12:19 – Updated: 2025-12-12 14:30
VLAI
Title
Improper Authorization in Nebim Neyir's Nebim V3 ERP
Summary
Execution with Unnecessary Privileges vulnerability in Nebim Neyir Computer Industry and Services Inc. Nebim V3 ERP allows Expanding Control over the Operating System from the Database.This issue affects Nebim V3 ERP: from 2.0.59 before 3.0.1.
Severity
8.8 (High)
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nebim Neyir Computer Industry and Services Inc. | Nebim V3 ERP |
Affected:
2.0.59 , < 3.0.1
(custom)
|
Date Public
2025-12-12 12:18
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13506",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-12T14:30:32.135685Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-12T14:30:42.870Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nebim V3 ERP",
"vendor": "Nebim Neyir Computer Industry and Services Inc.",
"versions": [
{
"lessThan": "3.0.1",
"status": "affected",
"version": "2.0.59",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mehmet Tolga DEM\u0130RC\u0130"
}
],
"datePublic": "2025-12-12T12:18:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Execution with Unnecessary Privileges vulnerability in Nebim Neyir Computer Industry and Services Inc. Nebim V3 ERP allows Expanding Control over the Operating System from the Database.\u003cp\u003eThis issue affects Nebim V3 ERP: from 2.0.59 before 3.0.1.\u003c/p\u003e"
}
],
"value": "Execution with Unnecessary Privileges vulnerability in Nebim Neyir Computer Industry and Services Inc. Nebim V3 ERP allows Expanding Control over the Operating System from the Database.This issue affects Nebim V3 ERP: from 2.0.59 before 3.0.1."
}
],
"impacts": [
{
"capecId": "CAPEC-470",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-470 Expanding Control over the Operating System from the Database"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-12T12:28:32.948Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0450"
}
],
"source": {
"advisory": "TR-25-0450",
"defect": [
"TR-25-0450"
],
"discovery": "UNKNOWN"
},
"title": "Improper Authorization in Nebim Neyir\u0027s Nebim V3 ERP",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2025-13506",
"datePublished": "2025-12-12T12:19:37.226Z",
"dateReserved": "2025-11-21T12:14:27.616Z",
"dateUpdated": "2025-12-12T14:30:42.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation ID: MIT-17
Phases: Architecture and Design, Operation
Strategy: Environment Hardening
Description:
- Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
Mitigation ID: MIT-18
Phase: Architecture and Design
Strategy: Separation of Privilege
Description:
- Identify the functionality that requires additional privileges, such as access to privileged operating system resources. Wrap and centralize this functionality if possible, and isolate the privileged code as much as possible from other code [REF-76]. Raise privileges as late as possible, and drop them as soon as possible to avoid CWE-271. Avoid weaknesses such as CWE-288 and CWE-420 by protecting all possible communication channels that could interact with the privileged code, such as a secondary socket that is only intended to be accessed by administrators.
Mitigation ID: MIT-18
Phase: Architecture and Design
Strategy: Attack Surface Reduction
Description:
- Identify the functionality that requires additional privileges, such as access to privileged operating system resources. Wrap and centralize this functionality if possible, and isolate the privileged code as much as possible from other code [REF-76]. Raise privileges as late as possible, and drop them as soon as possible to avoid CWE-271. Avoid weaknesses such as CWE-288 and CWE-420 by protecting all possible communication channels that could interact with the privileged code, such as a secondary socket that is only intended to be accessed by administrators.
Mitigation
Phase: Implementation
Description:
- Perform extensive input validation for any privileged code that must be exposed to the user and reject anything that does not fit your strict requirements.
Mitigation ID: MIT-19
Phase: Implementation
Description:
- When dropping privileges, ensure that they have been dropped successfully to avoid CWE-273. As protection mechanisms in the environment get stronger, privilege-dropping calls may fail even if it seems like they would always succeed.
Mitigation
Phase: Implementation
Description:
- If circumstances force you to run with extra privileges, then determine the minimum access level necessary. First identify the different permissions that the software and its users will need to perform their actions, such as file read and write permissions, network socket permissions, and so forth. Then explicitly allow those actions while denying all else [REF-76]. Perform extensive input validation and canonicalization to minimize the chances of introducing a separate vulnerability. This mitigation is much more prone to error than dropping the privileges in the first place.
Mitigation ID: MIT-37
Phases: Operation, System Configuration
Strategy: Environment Hardening
Description:
- Ensure that the software runs properly under the United States Government Configuration Baseline (USGCB) [REF-199] or an equivalent hardening configuration guide, which many organizations use to limit the attack surface and potential risk of deployed software.
CAPEC-104: Cross Zone Scripting
An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security.
CAPEC-470: Expanding Control over the Operating System from the Database
An attacker is able to leverage access gained to the database to read / write data to the file system, compromise the operating system, create a tunnel for accessing the host machine, and use this access to potentially attack other machines on the same network as the database machine. Traditionally SQL injections attacks are viewed as a way to gain unauthorized read access to the data stored in the database, modify the data in the database, delete the data, etc. However, almost every data base management system (DBMS) system includes facilities that if compromised allow an attacker complete access to the file system, operating system, and full access to the host running the database. The attacker can then use this privileged access to launch subsequent attacks. These facilities include dropping into a command shell, creating user defined functions that can call system level libraries present on the host machine, stored procedures, etc.
CAPEC-69: Target Programs with Elevated Privileges
This attack targets programs running with elevated privileges. The adversary tries to leverage a vulnerability in the running program and get arbitrary code to execute with elevated privileges.