FKIE_CVE-2025-0618

Vulnerability from fkie_nvd - Published: 2025-04-23 07:15 - Updated: 2025-04-23 14:08
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A malicious third party could invoke a persistent denial of service vulnerability in FireEye EDR agent by sending a specially-crafted tamper protection event to the HX service to trigger an exception. This exception will prevent any further tamper protection events from being processed, even after a reboot of HX.
References
trellixpsirt@trellix.comhttps://thrive.trellix.com/s/article/000014456
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A malicious third party could invoke a persistent denial of service vulnerability in FireEye EDR agent by sending a specially-crafted tamper protection event to the HX service to trigger an exception. This exception will prevent any further tamper protection events from being processed, even after a reboot of HX."
    },
    {
      "lang": "es",
      "value": "Un tercero malintencionado podr\u00eda invocar una vulnerabilidad de denegaci\u00f3n de servicio persistente en FireEye EDR agent enviando un evento de protecci\u00f3n contra manipulaciones especialmente manipulado al servicio HX para activar una excepci\u00f3n. Esta excepci\u00f3n impedir\u00e1 que se procesen m\u00e1s eventos de protecci\u00f3n contra manipulaciones, incluso despu\u00e9s de reiniciar HX."
    }
  ],
  "id": "CVE-2025-0618",
  "lastModified": "2025-04-23T14:08:13.383",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "trellixpsirt@trellix.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-04-23T07:15:42.687",
  "references": [
    {
      "source": "trellixpsirt@trellix.com",
      "url": "https://thrive.trellix.com/s/article/000014456"
    }
  ],
  "sourceIdentifier": "trellixpsirt@trellix.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "trellixpsirt@trellix.com",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.