{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12381", "assignerOrgId": "ca5f073f-8266-4d43-b3e3-6eb0bb18a738", "state": "PUBLISHED", "assignerShortName": "AlgoSec", "dateReserved": "2025-10-28T09:05:51.106Z", "datePublished": "2025-12-09T13:41:53.393Z", "dateUpdated": "2025-12-09T14:26:01.398Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Linux", "64 bit"], "product": "Firewall Analyzer", "vendor": "AlgoSec", "versions": [{"status": "affected", "version": "A33.0 (up to build 320)"}, {"status": "affected", "version": "A33.10 (up to build 220)"}]}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:algosec:firewall_analyzer:a33.0:*:linux:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:algosec:firewall_analyzer:a33.0:*:64_bit:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:algosec:firewall_analyzer:a33.10:*:linux:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:algosec:firewall_analyzer:a33.10:*:64_bit:*:*:*:*:*", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "OR"}], "credits": [{"lang": "en", "type": "finder", "value": "Charlie Lindholm"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows&nbsp;Privilege Escalation, Parameter Injection.<br><br>A local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file.&nbsp;<br><p>This issue affects Firewall Analyzer: A33.0, A33.10.</p>"}], "value": "Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows\u00a0Privilege Escalation, Parameter Injection.\n\nA local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file.\u00a0\nThis issue affects Firewall Analyzer: A33.0, A33.10."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}, {"capecId": "CAPEC-137", "descriptions": [{"lang": "en", "value": "CAPEC-137 Parameter Injection"}]}], "metrics": [{"cvssV4_0": {"Automatable": "YES", "Recovery": "USER", "Safety": "NEGLIGIBLE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "baseScore": 6.1, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/AU:Y/R:U/RE:L/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "LOW"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ca5f073f-8266-4d43-b3e3-6eb0bb18a738", "shortName": "AlgoSec", "dateUpdated": "2025-12-09T13:41:53.393Z"}, "references": [{"url": "https://techdocs.algosec.com/en/cves/Content/tech-notes/cves/cve-2025-12381.htm"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Upgrade ASMS suite to A33.0&nbsp;(build 330 and above), A33.10 (build 230 and above).<br><a target=\"_blank\" rel=\"nofollow\" href=\"https://portal.algosec.com/en/downloads/hotfix_releases\">https://portal.algosec.com/en/downloads/hotfix_releases</a><br>"}], "value": "Upgrade ASMS suite to A33.0\u00a0(build 330 and above), A33.10 (build 230 and above).\n https://portal.algosec.com/en/downloads/hotfix_releases"}], "source": {"discovery": "UNKNOWN"}, "title": "Privilege Escalation via Misconfigured Sudoers Entry for Local Users in AlgoSec Firewall Analyzer", "x_generator": {"engine": "Vulnogram 0.4.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-09T14:25:52.884477Z", "id": "CVE-2025-12381", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-09T14:26:01.398Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12381", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-12-09T14:25:52.884477Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-09T14:25:58.539Z"}}], "cna": {"title": "Privilege Escalation via Misconfigured Sudoers Entry for Local Users in AlgoSec Firewall Analyzer", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Charlie Lindholm"}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}, {"capecId": "CAPEC-137", "descriptions": [{"lang": "en", "value": "CAPEC-137 Parameter Injection"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "USER", "baseScore": 6.1, "Automatable": "YES", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/AU:Y/R:U/RE:L/U:Amber", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "AMBER", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "AlgoSec", "product": "Firewall Analyzer", "versions": [{"status": "affected", "version": "A33.0 (up to build 320)"}, {"status": "affected", "version": "A33.10 (up to build 220)"}], "platforms": ["Linux", "64 bit"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade ASMS suite to A33.0\u00a0(build 330 and above), A33.10 (build 230 and above).\n https://portal.algosec.com/en/downloads/hotfix_releases", "supportingMedia": [{"type": "text/html", "value": "Upgrade ASMS suite to A33.0&nbsp;(build 330 and above), A33.10 (build 230 and above).<br><a target=\"_blank\" rel=\"nofollow\" href=\"https://portal.algosec.com/en/downloads/hotfix_releases\">https://portal.algosec.com/en/downloads/hotfix_releases</a><br>", "base64": false}]}], "references": [{"url": "https://techdocs.algosec.com/en/cves/Content/tech-notes/cves/cve-2025-12381.htm"}], "x_generator": {"engine": "Vulnogram 0.4.0"}, "descriptions": [{"lang": "en", "value": "Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows\u00a0Privilege Escalation, Parameter Injection.\n\nA local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file.\u00a0\nThis issue affects Firewall Analyzer: A33.0, A33.10.", "supportingMedia": [{"type": "text/html", "value": "Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows&nbsp;Privilege Escalation, Parameter Injection.<br><br>A local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file.&nbsp;<br><p>This issue affects Firewall Analyzer: A33.0, A33.10.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:algosec:firewall_analyzer:a33.0:*:linux:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:algosec:firewall_analyzer:a33.0:*:64_bit:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:algosec:firewall_analyzer:a33.10:*:linux:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:algosec:firewall_analyzer:a33.10:*:64_bit:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "ca5f073f-8266-4d43-b3e3-6eb0bb18a738", "shortName": "AlgoSec", "dateUpdated": "2025-12-09T13:41:53.393Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12381", "state": "PUBLISHED", "dateUpdated": "2025-12-09T14:26:01.398Z", "dateReserved": "2025-10-28T09:05:51.106Z", "assignerOrgId": "ca5f073f-8266-4d43-b3e3-6eb0bb18a738", "datePublished": "2025-12-09T13:41:53.393Z", "assignerShortName": "AlgoSec"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows\u00a0Privilege Escalation, Parameter Injection.\n\nA local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file.\u00a0\nThis issue affects Firewall Analyzer: A33.0, A33.10."}], "id": "CVE-2025-12381", "lastModified": "2025-12-09T18:37:13.640", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "YES", "Recovery": "USER", "Safety": "NEGLIGIBLE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:X/RE:L/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "LOW"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-12-09T16:17:33.910", "references": [{"source": "[email protected]", "url": "https://techdocs.algosec.com/en/cves/Content/tech-notes/cves/cve-2025-12381.htm"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "[email protected]", "type": "Secondary"}]}

{}