FKIE_CVE-2025-41255

Vulnerability from fkie_nvd - Published: 2025-06-25 10:15 - Updated: 2025-06-26 18:58
Severity ?
8.0 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
Summary
Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates (e.g., self-signed), unnecessarily installing it to the Windows Certificate Store of the current user without any restrictions. This issue affects Cyberduck through 9.1.6 and Mountain Duck through 4.17.5.
References
1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4ahttps://github.com/iterate-ch/cyberduck/security/advisories/GHSA-vjjc-grpp-m655
1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4ahttps://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20250325-01_Cyberduck_Mountain_Duck_Certificate_Handling
134c704f-9b21-4f2e-91b3-4a467353bcc0https://github.com/iterate-ch/cyberduck/security/advisories/GHSA-vjjc-grpp-m655
134c704f-9b21-4f2e-91b3-4a467353bcc0https://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20250325-01_Cyberduck_Mountain_Duck_Certificate_Handling
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates (e.g., self-signed), unnecessarily installing it to the Windows Certificate Store of the current user without any restrictions.\n\n\n\n\n\n\n\n\n\n\n\nThis issue affects Cyberduck through 9.1.6 and Mountain Duck through\u00a04.17.5."
    },
    {
      "lang": "es",
      "value": "Cyberduck y Mountain Duck gestionan incorrectamente la fijaci\u00f3n de certificados TLS para certificados no confiables (p. ej., autofirmados), instal\u00e1ndolos innecesariamente en el almac\u00e9n de certificados de Windows del usuario actual sin ninguna restricci\u00f3n. Este problema afecta a Cyberduck hasta la versi\u00f3n 9.1.6 y a Mountain Duck hasta la versi\u00f3n 4.17.5."
    }
  ],
  "id": "CVE-2025-41255",
  "lastModified": "2025-06-26T18:58:14.280",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.8,
        "source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-06-25T10:15:21.783",
  "references": [
    {
      "source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
      "url": "https://github.com/iterate-ch/cyberduck/security/advisories/GHSA-vjjc-grpp-m655"
    },
    {
      "source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
      "url": "https://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20250325-01_Cyberduck_Mountain_Duck_Certificate_Handling"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://github.com/iterate-ch/cyberduck/security/advisories/GHSA-vjjc-grpp-m655"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20250325-01_Cyberduck_Mountain_Duck_Certificate_Handling"
    }
  ],
  "sourceIdentifier": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-266"
        }
      ],
      "source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.