FKIE_CVE-2025-14026
Vulnerability from fkie_nvd - Published: 2026-01-06 15:15 - Updated: 2026-02-10 19:31
Summary
Forcepoint One DLP Client, version 23.04.5642 (and possibly newer versions), includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. ctypes is a foreign function interface (FFI) for Python, enabling calls to DLLs/shared libraries, memory allocation, and direct code execution. It was demonstrated that these restrictions could be bypassed.
References
| Source | URL | Tags |
|---|---|---|
| cret@cert.org | https://kb.cert.org/vuls/id/420440 | Third Party Advisory |
| cret@cert.org | https://support.forcepoint.com/s/article/000042256 | Permissions Required |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/420440 | Third Party Advisory |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| forcepoint | one_data_loss_prevention | 23.04.5642 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:forcepoint:one_data_loss_prevention:23.04.5642:*:*:*:*:*:*:*",
"matchCriteriaId": "0F50374A-170E-4EBF-9966-3604003FB87F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Forcepoint One DLP Client, version 23.04.5642 (and possibly newer versions), includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. ctypes is a foreign function interface (FFI) for Python, enabling calls to DLLs/shared libraries, memory allocation, and direct code execution. It was demonstrated that these restrictions could be bypassed."
},
{
"lang": "es",
"value": "Cliente Forcepoint One DLP, versi\u00f3n 23.04.5642 (y posiblemente versiones m\u00e1s recientes), incluye una versi\u00f3n restringida de Python 2.5.4 que impide el uso de la biblioteca ctypes. ctypes es una interfaz de funci\u00f3n externa (FFI) para Python, lo que permite llamadas a DLLs/bibliotecas compartidas, asignaci\u00f3n de memoria y ejecuci\u00f3n directa de c\u00f3digo. Se demostr\u00f3 que estas restricciones podr\u00edan ser eludidas."
}
],
"id": "CVE-2025-14026",
"lastModified": "2026-02-10T19:31:05.097",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2026-01-06T15:15:42.057",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.cert.org/vuls/id/420440"
},
{
"source": "cret@cert.org",
"tags": [
"Permissions Required"
],
"url": "https://support.forcepoint.com/s/article/000042256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.kb.cert.org/vuls/id/420440"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.