CVE-2025-12381 (GCVE-0-2025-12381)
Vulnerability from cvelistv5 – Published: 2025-12-09 13:41 – Updated: 2025-12-09 14:26
VLAI?
Summary
Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows Privilege Escalation, Parameter Injection.
A local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file.
This issue affects Firewall Analyzer: A33.0, A33.10.
Severity ?
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AlgoSec | Firewall Analyzer |
Affected:
A33.0 (up to build 320)
Affected: A33.10 (up to build 220) |
Credits
Charlie Lindholm
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12381",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T14:25:52.884477Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T14:26:01.398Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux",
"64 bit"
],
"product": "Firewall Analyzer",
"vendor": "AlgoSec",
"versions": [
{
"status": "affected",
"version": "A33.0 (up to build 320)"
},
{
"status": "affected",
"version": "A33.10 (up to build 220)"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:algosec:firewall_analyzer:a33.0:*:linux:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:algosec:firewall_analyzer:a33.0:*:64_bit:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:algosec:firewall_analyzer:a33.10:*:linux:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:algosec:firewall_analyzer:a33.10:*:64_bit:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Charlie Lindholm"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows\u0026nbsp;Privilege Escalation, Parameter Injection.\u003cbr\u003e\u003cbr\u003eA local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file.\u0026nbsp;\u003cbr\u003e\u003cp\u003eThis issue affects Firewall Analyzer: A33.0, A33.10.\u003c/p\u003e"
}
],
"value": "Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows\u00a0Privilege Escalation, Parameter Injection.\n\nA local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file.\u00a0\nThis issue affects Firewall Analyzer: A33.0, A33.10."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
},
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137 Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/AU:Y/R:U/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T13:41:53.393Z",
"orgId": "ca5f073f-8266-4d43-b3e3-6eb0bb18a738",
"shortName": "AlgoSec"
},
"references": [
{
"url": "https://techdocs.algosec.com/en/cves/Content/tech-notes/cves/cve-2025-12381.htm"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade ASMS suite to A33.0\u0026nbsp;(build 330 and above), A33.10 (build 230 and above).\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://portal.algosec.com/en/downloads/hotfix_releases\"\u003ehttps://portal.algosec.com/en/downloads/hotfix_releases\u003c/a\u003e\u003cbr\u003e"
}
],
"value": "Upgrade ASMS suite to A33.0\u00a0(build 330 and above), A33.10 (build 230 and above).\n https://portal.algosec.com/en/downloads/hotfix_releases"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Privilege Escalation via Misconfigured Sudoers Entry for Local Users in AlgoSec Firewall Analyzer",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca5f073f-8266-4d43-b3e3-6eb0bb18a738",
"assignerShortName": "AlgoSec",
"cveId": "CVE-2025-12381",
"datePublished": "2025-12-09T13:41:53.393Z",
"dateReserved": "2025-10-28T09:05:51.106Z",
"dateUpdated": "2025-12-09T14:26:01.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-12381\",\"sourceIdentifier\":\"security.vulnerabilities@algosec.com\",\"published\":\"2025-12-09T16:17:33.910\",\"lastModified\":\"2025-12-09T18:37:13.640\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows\u00a0Privilege Escalation, Parameter Injection.\\n\\nA local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file.\u00a0\\nThis issue affects Firewall Analyzer: A33.0, A33.10.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security.vulnerabilities@algosec.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:X/RE:L/U:Amber\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"ACTIVE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NEGLIGIBLE\",\"Automatable\":\"YES\",\"Recovery\":\"USER\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"LOW\",\"providerUrgency\":\"AMBER\"}}]},\"weaknesses\":[{\"source\":\"security.vulnerabilities@algosec.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"references\":[{\"url\":\"https://techdocs.algosec.com/en/cves/Content/tech-notes/cves/cve-2025-12381.htm\",\"source\":\"security.vulnerabilities@algosec.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-12381\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-09T14:25:52.884477Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-09T14:25:58.539Z\"}}], \"cna\": {\"title\": \"Privilege Escalation via Misconfigured Sudoers Entry for Local Users in AlgoSec Firewall Analyzer\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Charlie Lindholm\"}], \"impacts\": [{\"capecId\": \"CAPEC-233\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-233 Privilege Escalation\"}]}, {\"capecId\": \"CAPEC-137\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-137 Parameter Injection\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NEGLIGIBLE\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 6.1, \"Automatable\": \"YES\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/AU:Y/R:U/RE:L/U:Amber\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"ACTIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"HIGH\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"LOW\", \"vulnerabilityResponseEffort\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"AlgoSec\", \"product\": \"Firewall Analyzer\", \"versions\": [{\"status\": \"affected\", \"version\": \"A33.0 (up to build 320)\"}, {\"status\": \"affected\", \"version\": \"A33.10 (up to build 220)\"}], \"platforms\": [\"Linux\", \"64 bit\"], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Upgrade ASMS suite to A33.0\\u00a0(build 330 and above), A33.10 (build 230 and above).\\n https://portal.algosec.com/en/downloads/hotfix_releases\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Upgrade ASMS suite to A33.0\u0026nbsp;(build 330 and above), A33.10 (build 230 and above).\u003cbr\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://portal.algosec.com/en/downloads/hotfix_releases\\\"\u003ehttps://portal.algosec.com/en/downloads/hotfix_releases\u003c/a\u003e\u003cbr\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://techdocs.algosec.com/en/cves/Content/tech-notes/cves/cve-2025-12381.htm\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.4.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows\\u00a0Privilege Escalation, Parameter Injection.\\n\\nA local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file.\\u00a0\\nThis issue affects Firewall Analyzer: A33.0, A33.10.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows\u0026nbsp;Privilege Escalation, Parameter Injection.\u003cbr\u003e\u003cbr\u003eA local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file.\u0026nbsp;\u003cbr\u003e\u003cp\u003eThis issue affects Firewall Analyzer: A33.0, A33.10.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"CWE-269 Improper Privilege Management\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:algosec:firewall_analyzer:a33.0:*:linux:*:*:*:*:*\", \"vulnerable\": true}, {\"criteria\": \"cpe:2.3:a:algosec:firewall_analyzer:a33.0:*:64_bit:*:*:*:*:*\", \"vulnerable\": true}, {\"criteria\": \"cpe:2.3:a:algosec:firewall_analyzer:a33.10:*:linux:*:*:*:*:*\", \"vulnerable\": true}, {\"criteria\": \"cpe:2.3:a:algosec:firewall_analyzer:a33.10:*:64_bit:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}], \"operator\": \"OR\"}], \"providerMetadata\": {\"orgId\": \"ca5f073f-8266-4d43-b3e3-6eb0bb18a738\", \"shortName\": \"AlgoSec\", \"dateUpdated\": \"2025-12-09T13:41:53.393Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-12381\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-09T14:26:01.398Z\", \"dateReserved\": \"2025-10-28T09:05:51.106Z\", \"assignerOrgId\": \"ca5f073f-8266-4d43-b3e3-6eb0bb18a738\", \"datePublished\": \"2025-12-09T13:41:53.393Z\", \"assignerShortName\": \"AlgoSec\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…