{"vulnerability": "CVE-2025-2023", "sightings": [{"uuid": "b593ccee-5fda-4662-b631-f507a83edf01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2023", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-122/", "content": "", "creation_timestamp": "2025-03-10T04:00:00.000000Z"}, {"uuid": "3bc1bdc5-bd8a-4b48-a1c0-9f9e8ec59db1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmy5hnuzj22l", "content": "", "creation_timestamp": "2025-04-17T03:18:34.507447Z"}, {"uuid": "8e7c4a53-b3e3-4967-9373-280bcb08d96d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3lmyrtdpa2k2g", "content": "", "creation_timestamp": "2025-04-17T09:23:01.995295Z"}, {"uuid": "9e55d901-dee5-4865-bf71-b3d8c0f6c17c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lnbryoolif2b", "content": "", "creation_timestamp": "2025-04-20T23:19:56.793325Z"}, {"uuid": "2472b536-017a-410a-8554-33a55e640bf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20234", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-417/", "content": "", "creation_timestamp": "2025-06-23T03:00:00.000000Z"}, {"uuid": "8591ed75-5062-4c51-bb04-9ae5e8f856ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20231", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:45.000000Z"}, {"uuid": "a9c92947-f2e5-483c-a8b0-74c7dce0eaef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20230", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:45.000000Z"}, {"uuid": "58111ea8-d9ea-4582-99a5-1dcefdc3ecb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20239", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lwf2bh6act2g", "content": "", "creation_timestamp": "2025-08-14T19:12:44.643610Z"}, {"uuid": "59256ae8-feff-4819-81c6-443e8e75de9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20232", "type": "seen", "source": "https://t.me/cvedetector/21233", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20232 - Splunk Enterprise/Bypass Splunk Search Command Permissions\", \n  \"Content\": \"CVE ID : CVE-2025-20232 \nPublished : March 26, 2025, 10:15 p.m. | 33\u00a0minutes ago \nDescription : In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.103, 9.2.2406.108, 9.2.2403.113, 9.1.2312.208 and 9.1.2308.212, a low-privileged user that does not hold the \u201cadmin\u201c or \u201cpower\u201c Splunk roles could run a saved search with a risky command using the permissions of a higher-privileged user to bypass the SPL safeguards for risky commands on the \u201c/app/search/search\u201c endpoint through its \u201cs\u201c parameter. \nThe vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated user should not be able to exploit the vulnerability at will. \nSeverity: 5.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T23:55:52.000000Z"}, {"uuid": "c9e278fe-cb1c-48cd-b718-935802f3343e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20231", "type": "seen", "source": "https://t.me/cvedetector/21232", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20231 - Splunk Enterprise &amp; Splunk Secure Gateway App Cross-Site Request Forgery (CSRF)\", \n  \"Content\": \"CVE ID : CVE-2025-20231 \nPublished : March 26, 2025, 10:15 p.m. | 33\u00a0minutes ago \nDescription : In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the \u201cadmin\u201c or \u201cpower\u201c Splunk roles could run a search using the permissions of a higher-privileged user that could lead to disclosure of sensitive information.\n\nThe vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated low-privileged user should not be able to exploit the vulnerability at will. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T23:55:51.000000Z"}, {"uuid": "e4cbd284-5d79-479b-99dc-1c237087bc84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12187", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20236\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated, remote attacker to persuade a user to download arbitrary files, which could allow the attacker to execute arbitrary commands on the host of the targeted user.\n\nThis vulnerability is due to insufficient input validation when Cisco Webex App processes a meeting invite link. An attacker could exploit this vulnerability by persuading a user to click a crafted meeting invite link and download arbitrary files. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the targeted user.\n\ud83d\udccf Published: 2025-04-16T16:16:23.291Z\n\ud83d\udccf Modified: 2025-04-17T03:55:22.841Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-client-rce-ufyMMYLC", "creation_timestamp": "2025-04-17T04:57:28.000000Z"}, {"uuid": "49478035-517f-4930-b1dc-8d2c1faa6e2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20234", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18783", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20234\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\n\nThis vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability by submitting a crafted file containing UDF content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software.\nFor a description of this vulnerability, see the .\n\ud83d\udccf Published: 2025-06-18T16:20:01.175Z\n\ud83d\udccf Modified: 2025-06-18T16:20:01.175Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-udf-hmwd9nDy\n2. https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html", "creation_timestamp": "2025-06-18T16:43:31.000000Z"}, {"uuid": "64cd6070-2eb6-41e9-b418-e8b9b18ee719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/1125", "content": "\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u06a9\u0646\u062a\u0631\u0644\u200c\u06a9\u0646\u0646\u062f\u0647 URL \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631 \u06a9\u0646\u0641\u0631\u0627\u0646\u0633 \u0648\u0628 Cisco Webex App \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u06a9\u0647 \u0628\u0647 \u0634\u0645\u0627 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc\u200c\u062f\u0647\u062f \u0641\u0627\u06cc\u0644 \u0631\u0627 \u0627\u0632 \u06cc\u06a9 \u0645\u0646\u0628\u0639 \u0646\u0627\u0645\u0639\u062a\u0628\u0631 \u062f\u0627\u0646\u0644\u0648\u062f \u06a9\u0646\u06cc\u062f. \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0632\u0645\u0627\u0646\u06cc \u06a9\u0647 \u06a9\u0627\u0631\u0628\u0631 \u0628\u0631 \u0631\u0648\u06cc \u06cc\u06a9 \u067e\u06cc\u0648\u0646\u062f \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u06a9\u0644\u06cc\u06a9 \u0645\u06cc \u06a9\u0646\u062f\u060c \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\nBDU: 2025-04707\nCVE-2025-20236\n\n\u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f\u060c \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062a\u0648\u0627\u0646\u0627\u06cc\u06cc \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0628\u0631\u0627\u06cc \u062f\u0646\u0628\u0627\u0644 \u06a9\u0631\u062f\u0646 \u067e\u06cc\u0648\u0646\u062f\u0647\u0627\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a \u0634\u062f\u0647 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0646\u0627\u0645\u0639\u062a\u0628\u0631\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0645\u062d\u06cc\u0637 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0627\u06cc\u0632\u0648\u0644\u0647 \u0628\u0631\u0627\u06cc \u0628\u0627\u0632 \u06a9\u0631\u062f\u0646 \u0644\u06cc\u0646\u06a9 \u0647\u0627\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a \u0634\u062f\u0647 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0646\u0627\u0645\u0639\u062a\u0628\u0631.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0622\u0646\u062a\u06cc \u0648\u06cc\u0631\u0648\u0633 \u0628\u0631\u0627\u06cc \u0628\u0631\u0631\u0633\u06cc \u0644\u06cc\u0646\u06a9 \u0647\u0627\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a \u0634\u062f\u0647 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0646\u0627\u0645\u0639\u062a\u0628\u0631.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0646\u0641\u0648\u0630 \u0648 \u067e\u06cc\u0634\u06af\u06cc\u0631\u06cc \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc (\u0634\u0646\u0627\u0633\u0627\u06cc\u06cc\u060c \u062b\u0628\u062a) \u0648 \u067e\u0627\u0633\u062e \u0628\u0647 \u062a\u0644\u0627\u0634 \u0647\u0627 \u0628\u0631\u0627\u06cc \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc.\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-client-rce-ufyMMYLC\n\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR", "creation_timestamp": "2025-04-23T19:49:59.000000Z"}, {"uuid": "e21aec02-02bc-42ba-b7a1-9a1f5fe4a6ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://t.me/cvedetector/23135", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20236 - \"Cisco Webex App URL Parser Remote Command Execution Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-20236 \nPublished : April 16, 2025, 5:15 p.m. | 28\u00a0minutes ago \nDescription : A vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated, remote attacker to persuade a user to download arbitrary files, which could allow the attacker to execute arbitrary commands on the host of the targeted user.  \n  \n This vulnerability is due to insufficient input validation when Cisco Webex App processes a meeting invite link. An attacker could exploit this vulnerability by persuading a user to click a crafted meeting invite link and download arbitrary files. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the targeted user. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T20:14:24.000000Z"}, {"uuid": "31ed0ee2-bba8-46a4-80bd-460ad7cfb73c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20230", "type": "seen", "source": "https://t.me/cvedetector/21246", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20230 - Splunk Enterprise and Splunk Secure Gateway Unauthorized Data Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20230 \nPublished : March 26, 2025, 11:15 p.m. | 1\u00a0hour, 33\u00a0minutes ago \nDescription : In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the \u201cadmin\u201c or \u201cpower\u201c Splunk roles could edit and delete other user data in App Key Value Store (KVStore) collections that the Splunk Secure Gateway app created. This is due to missing access control and incorrect ownership of the data in those KVStore collections.\n\nIn the affected versions, the `nobody` user owned the data in the KVStore collections. This meant that there was no specific owner assigned to the data in those collections. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-27T02:26:29.000000Z"}, {"uuid": "e09a3744-4e38-464e-93d7-b7dbb03ac569", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114349133435273045", "content": "", "creation_timestamp": "2025-04-16T18:48:27.329712Z"}, {"uuid": "5eadc919-b69e-4e89-8066-d448065b8c77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114359183287772535", "content": "", "creation_timestamp": "2025-04-18T13:24:15.817829Z"}, {"uuid": "85429666-4551-4563-a984-833da2f8e6e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ln3ryr3zke2t", "content": "", "creation_timestamp": "2025-04-18T14:04:00.739740Z"}, {"uuid": "9d4d48ae-8316-4fd8-a058-87383ec73490", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ln4gjwl7qk2e", "content": "", "creation_timestamp": "2025-04-18T20:11:31.726176Z"}, {"uuid": "9873a418-588c-41bb-9f71-ae4266fe6843", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3ln52mdyw472b", "content": "", "creation_timestamp": "2025-04-19T02:10:47.965638Z"}, {"uuid": "9314f8fd-6635-4fb1-a1a6-c5ad2ec1e222", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ln52nbrsyt25", "content": "", "creation_timestamp": "2025-04-19T02:11:18.936571Z"}, {"uuid": "b0571a0a-421a-4231-9866-8f508f76a153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ln52nbvnpz2n", "content": "", "creation_timestamp": "2025-04-19T02:11:19.505640Z"}, {"uuid": "3527f5a8-da42-4b72-9374-ac560e1e9f7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3ln5psqqibh27", "content": "", "creation_timestamp": "2025-04-19T08:30:10.952534Z"}, {"uuid": "cabec482-21c9-41fc-a916-9300553622da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114365217950639273", "content": "", "creation_timestamp": "2025-04-19T14:59:01.042552Z"}, {"uuid": "3c63b636-cc55-4619-97b4-09904c6bca12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3lnh6s3clwk2o", "content": "", "creation_timestamp": "2025-04-23T02:52:16.056163Z"}, {"uuid": "a9e5f480-dbc7-49f7-8a58-501c5865fab0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20234", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrvssnykqq2s", "content": "", "creation_timestamp": "2025-06-18T20:08:29.555998Z"}, {"uuid": "d1733397-0719-468f-b0ca-7dfb7ec420cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20234", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3ls2nv4wgye2p", "content": "", "creation_timestamp": "2025-06-20T18:23:42.614098Z"}, {"uuid": "e539adcf-9287-46b9-b985-c4f4a8e1cd34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-11T18:47:40.000000Z"}, {"uuid": "eb3b9148-0376-4a4e-beef-091ecd98c35d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20233", "type": "seen", "source": "https://t.me/cvedetector/21234", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20233 - Splunk App for Lookup File Editing Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20233 \nPublished : March 26, 2025, 10:15 p.m. | 33\u00a0minutes ago \nDescription : In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the `chmod` and `makedirs` Python functions in a way that resulted in overly broad read and execute permissions. This could lead to improper access control for a low-privileged user. \nSeverity: 2.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T23:55:53.000000Z"}, {"uuid": "f9888b50-c475-40f4-b380-17460d753de1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20239", "type": "seen", "source": "https://t.me/true_secator/7332", "content": "Cisco \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0431\u043e\u043b\u0435\u0435 20 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043e\u0431\u043d\u043e\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0437\u0430 \u0430\u0432\u0433\u0443\u0441\u0442 2025 \u0433\u043e\u0434\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Secure Firewall Management Center (FMC), Secure Firewall Threat Defense (FTD) \u0438 Secure Firewall Adaptive Security Appliance (ASA).\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2025-20265 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 10,0) \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 Secure FMC, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u0443\u044e \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco FTD \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u044b RADIUS, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0442\u0441\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0435\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u044d\u0442\u0430\u043f\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0447\u0435\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u0445\u043e\u0434\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u0438 \u0432\u0432\u043e\u0434\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u043e\u0445\u043e\u0434\u044f\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u043d\u0430 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 RADIUS.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\n\u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Secure FMC \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d \u043d\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e RADIUS \u0434\u043b\u044f \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f SSH \u0438\u043b\u0438 \u043e\u0431\u043e\u0438\u0445.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Secure FMC Software 7.0.7 \u0438 7.7.0, \u0435\u0441\u043b\u0438 \u0432 \u043d\u0438\u0445 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f RADIUS.\n\n\u041e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439, \u043a\u0440\u043e\u043c\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439, \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442.\n\n\u041f\u043e\u043c\u0438\u043c\u043e CVE-2025-20265 Cisco \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0440\u044f\u0434 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a:\n\n- CVE-2025-20217\u00a0(CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Snort 3 \u0432 Secure Firewall Threat Defense.\n\n- CVE-2025-20222\u00a0(CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c IPv6 \u0447\u0435\u0440\u0435\u0437 IPsec \u0432 Secure Firewall \u0438 Secure Firewall \u0434\u043b\u044f Firepower \u0441\u0435\u0440\u0438\u0438 2100.\n\n- CVE-2025-20224, CVE-2025-20225, CVE-2025-20239\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 IKEv2 \u0432 IOS, IOS XE, Secure Firewall Adaptive Security Appliance \u0438 Secure Firewall Threat Defense Software.\n\n- CVE-2025-20133, CVE-2025-20243\u00a0(CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 SSL VPN \u0434\u043b\u044f Secure Firewall \u0438 Secure Firewall.\n\n- CVE-2025-20134\u00a0(CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SSL/TLS-\u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430 \u0432 Secure Firewall \u0438 Secure Firewall Threat Defense.\n\n- CVE-2025-20136\u00a0(CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 DNS \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0430\u0434\u0440\u0435\u0441\u043e\u0432 Secure Firewall Adaptive Security Appliance \u0438 Secure Firewall Threat Defense.\n\n- CVE-2025-20263\u00a0(CVSS: 8,6): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u043a\u0430\u0437\u043e\u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 Secure Firewall Adaptive Security Appliance \u0438 Secure Firewall Threat Defense Software.\n\n- CVE-2025-20148\u00a0(CVSS: 8,5): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c HTML-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 Secure Firewall Management Center.\n\n- CVE-2025-20251\u00a0(CVSS: 8,5): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c VPN-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 VPN \u0432 Secure Firewall \u0438 Secure Firewall Threat Defense.\n\n- CVE-2025-20127\u00a0(CVSS: 7,7): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f TLS 1.3 \u0442\u0438\u043f\u0430 DoS \u0432 Secure Firewall \u0438 Secure Firewall \u0434\u043b\u044f Firepower \u0441\u0435\u0440\u0438\u0439 3100 \u0438 4200.\n\n- CVE-2025-20244\u00a0(CVSS: 7,7): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 VPN \u0441 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u0432 Secure Firewall Adaptive Security Appliance \u0438 Secure Firewall Threat Defense.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a, \u043f\u043e\u043a\u0430 \u043d\u0438 \u043e\u0434\u043d\u0430 \u0438\u0437 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u043d\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0430\u0441\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043d\u043e \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043e\u0441\u043e\u0431\u043e\u0435 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0435 \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u044f \u043a \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 - \u044d\u0442\u043e \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u043e\u0438\u0437\u043e\u0439\u0442\u0438.", "creation_timestamp": "2025-08-15T11:00:11.000000Z"}, {"uuid": "20f62b54-7c76-488c-a47d-413d314f1ee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20231", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:48:00.000000Z"}, {"uuid": "6d0d00f0-63cb-4bc2-82a9-a61677ca36ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20230", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:48:00.000000Z"}, {"uuid": "508977c6-7cbc-40fe-9d6b-1601ba28630b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-09T13:26:57.000000Z"}, {"uuid": "3284a051-bc5e-4822-a72e-6cdf404ec1c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20233", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8995", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20233\n\ud83d\udd25 CVSS Score: 2.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the `chmod` and `makedirs` Python functions in a way that resulted in overly broad read and execute permissions. This could lead to improper access control for a low-privileged user.\n\ud83d\udccf Published: 2025-03-26T22:06:39.987Z\n\ud83d\udccf Modified: 2025-03-26T22:06:39.987Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2025-0310", "creation_timestamp": "2025-03-26T22:25:31.000000Z"}]}