Search criteria
6 vulnerabilities found for Ransomware Containment by BullWall
CVE-2025-62002 (GCVE-0-2025-62002)
Vulnerability from nvd – Published: 2025-12-18 20:33 – Updated: 2025-12-19 03:36
VLAI?
Title
BullWall Ransomware Containment large file encryption
Summary
BullWall Ransomware Containment relies on the number of file modifications to trigger detection. An authenticated attacker could encrypt a single large file without triggering a detection alert. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected.
Severity ?
4.3 (Medium)
CWE
- CWE-358 - Improperly Implemented Security Check for Standard
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| BullWall | Ransomware Containment |
Affected:
4.6.0.0 , < *
(custom)
|
Credits
Alexander Nikolaj Fischer
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ransomware Containment",
"vendor": "BullWall",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "4.6.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alexander Nikolaj Fischer"
}
],
"datePublic": "2025-12-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BullWall Ransomware Containment relies on the number of file modifications to trigger detection. An authenticated attacker could encrypt a single large file without triggering a detection alert. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
},
{
"other": {
"content": {
"id": "CVE-2025-62002",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-06T19:36:16.621284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-358",
"description": "CWE-358 Improperly Implemented Security Check for Standard",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T03:36:37.617Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-352-01.json"
},
{
"name": "url",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62002"
}
],
"title": "BullWall Ransomware Containment large file encryption"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2025-62002",
"datePublished": "2025-12-18T20:33:55.098Z",
"dateReserved": "2025-10-07T14:33:04.481Z",
"dateUpdated": "2025-12-19T03:36:37.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-62000 (GCVE-0-2025-62000)
Vulnerability from nvd – Published: 2025-12-18 20:32 – Updated: 2025-12-19 03:35
VLAI?
Title
BullWall Ransomware Containment incomplete file inspection
Summary
BullWall Ransomware Containment does not entirely inspect a file to determine if it is ransomware. An authenticated attacker could bypass detection by encrypting a file and leaving the first four bytes unaltered. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected.
Severity ?
CWE
- CWE-1023 - Incomplete Comparison with Missing Factors
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| BullWall | Ransomware Containment |
Affected:
4.6.0.0 , < *
(custom)
|
Credits
Alexander Nikolaj Fischer
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-62000",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-18T20:39:27.999740Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T20:39:37.121Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ransomware Containment",
"vendor": "BullWall",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "4.6.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alexander Nikolaj Fischer"
}
],
"datePublic": "2025-12-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BullWall Ransomware Containment does not entirely inspect a file to determine if it is ransomware. An authenticated attacker could bypass detection by encrypting a file and leaving the first four bytes unaltered. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
},
{
"other": {
"content": {
"id": "CVE-2025-62000",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-18T19:55:52.454192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1023",
"description": "CWE-1023 Incomplete Comparison with Missing Factors",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T03:35:44.456Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-352-01.json"
},
{
"name": "url",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62000"
}
],
"title": "BullWall Ransomware Containment incomplete file inspection"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2025-62000",
"datePublished": "2025-12-18T20:32:02.910Z",
"dateReserved": "2025-10-07T14:33:04.481Z",
"dateUpdated": "2025-12-19T03:35:44.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-62001 (GCVE-0-2025-62001)
Vulnerability from nvd – Published: 2025-12-18 20:32 – Updated: 2025-12-19 03:36
VLAI?
Title
BullWall Ransomware Containment hard-coded folder exclusions
Summary
BullWall Ransomware Containment contains excluded file paths, such as '$recycle.bin' that are not monitored. An attacker with file write permissions could bypass detection by renaming a directory. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected.
Severity ?
CWE
- CWE-420 - Unprotected Alternate Channel
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| BullWall | Ransomware Containment |
Affected:
4.6.0.0 , < *
(custom)
|
Credits
Alexander Nikolaj Fischer
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ransomware Containment",
"vendor": "BullWall",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "4.6.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alexander Nikolaj Fischer"
}
],
"datePublic": "2025-12-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BullWall Ransomware Containment contains excluded file paths, such as \u0027$recycle.bin\u0027 that are not monitored. An attacker with file write permissions could bypass detection by renaming a directory. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
},
{
"other": {
"content": {
"id": "CVE-2025-62001",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-18T19:54:33.476911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-420",
"description": "CWE-420 Unprotected Alternate Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T03:36:14.868Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-352-01.json"
},
{
"name": "url",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62001"
}
],
"title": "BullWall Ransomware Containment hard-coded folder exclusions"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2025-62001",
"datePublished": "2025-12-18T20:32:21.620Z",
"dateReserved": "2025-10-07T14:33:04.481Z",
"dateUpdated": "2025-12-19T03:36:14.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-62002 (GCVE-0-2025-62002)
Vulnerability from cvelistv5 – Published: 2025-12-18 20:33 – Updated: 2025-12-19 03:36
VLAI?
Title
BullWall Ransomware Containment large file encryption
Summary
BullWall Ransomware Containment relies on the number of file modifications to trigger detection. An authenticated attacker could encrypt a single large file without triggering a detection alert. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected.
Severity ?
4.3 (Medium)
CWE
- CWE-358 - Improperly Implemented Security Check for Standard
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| BullWall | Ransomware Containment |
Affected:
4.6.0.0 , < *
(custom)
|
Credits
Alexander Nikolaj Fischer
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ransomware Containment",
"vendor": "BullWall",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "4.6.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alexander Nikolaj Fischer"
}
],
"datePublic": "2025-12-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BullWall Ransomware Containment relies on the number of file modifications to trigger detection. An authenticated attacker could encrypt a single large file without triggering a detection alert. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
},
{
"other": {
"content": {
"id": "CVE-2025-62002",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-06T19:36:16.621284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-358",
"description": "CWE-358 Improperly Implemented Security Check for Standard",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T03:36:37.617Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-352-01.json"
},
{
"name": "url",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62002"
}
],
"title": "BullWall Ransomware Containment large file encryption"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2025-62002",
"datePublished": "2025-12-18T20:33:55.098Z",
"dateReserved": "2025-10-07T14:33:04.481Z",
"dateUpdated": "2025-12-19T03:36:37.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-62001 (GCVE-0-2025-62001)
Vulnerability from cvelistv5 – Published: 2025-12-18 20:32 – Updated: 2025-12-19 03:36
VLAI?
Title
BullWall Ransomware Containment hard-coded folder exclusions
Summary
BullWall Ransomware Containment contains excluded file paths, such as '$recycle.bin' that are not monitored. An attacker with file write permissions could bypass detection by renaming a directory. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected.
Severity ?
CWE
- CWE-420 - Unprotected Alternate Channel
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| BullWall | Ransomware Containment |
Affected:
4.6.0.0 , < *
(custom)
|
Credits
Alexander Nikolaj Fischer
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ransomware Containment",
"vendor": "BullWall",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "4.6.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alexander Nikolaj Fischer"
}
],
"datePublic": "2025-12-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BullWall Ransomware Containment contains excluded file paths, such as \u0027$recycle.bin\u0027 that are not monitored. An attacker with file write permissions could bypass detection by renaming a directory. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
},
{
"other": {
"content": {
"id": "CVE-2025-62001",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-18T19:54:33.476911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-420",
"description": "CWE-420 Unprotected Alternate Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T03:36:14.868Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-352-01.json"
},
{
"name": "url",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62001"
}
],
"title": "BullWall Ransomware Containment hard-coded folder exclusions"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2025-62001",
"datePublished": "2025-12-18T20:32:21.620Z",
"dateReserved": "2025-10-07T14:33:04.481Z",
"dateUpdated": "2025-12-19T03:36:14.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-62000 (GCVE-0-2025-62000)
Vulnerability from cvelistv5 – Published: 2025-12-18 20:32 – Updated: 2025-12-19 03:35
VLAI?
Title
BullWall Ransomware Containment incomplete file inspection
Summary
BullWall Ransomware Containment does not entirely inspect a file to determine if it is ransomware. An authenticated attacker could bypass detection by encrypting a file and leaving the first four bytes unaltered. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected.
Severity ?
CWE
- CWE-1023 - Incomplete Comparison with Missing Factors
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| BullWall | Ransomware Containment |
Affected:
4.6.0.0 , < *
(custom)
|
Credits
Alexander Nikolaj Fischer
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-62000",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-18T20:39:27.999740Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T20:39:37.121Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ransomware Containment",
"vendor": "BullWall",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "4.6.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alexander Nikolaj Fischer"
}
],
"datePublic": "2025-12-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BullWall Ransomware Containment does not entirely inspect a file to determine if it is ransomware. An authenticated attacker could bypass detection by encrypting a file and leaving the first four bytes unaltered. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
},
{
"other": {
"content": {
"id": "CVE-2025-62000",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-18T19:55:52.454192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1023",
"description": "CWE-1023 Incomplete Comparison with Missing Factors",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T03:35:44.456Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-352-01.json"
},
{
"name": "url",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62000"
}
],
"title": "BullWall Ransomware Containment incomplete file inspection"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2025-62000",
"datePublished": "2025-12-18T20:32:02.910Z",
"dateReserved": "2025-10-07T14:33:04.481Z",
"dateUpdated": "2025-12-19T03:35:44.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}