CVE-2025-41761
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A low‑privileged local attacker who gains access to the UBR service account (e.g., via SSH) can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries (e.g., tcpdump and ip) with sudo.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| MBS | UBR-01 Mk II | 0.0.0 < 6.0.1.0 | affected |
| MBS | UBR-02 | 0.0.0 < 6.0.1.0 | affected |
| MBS | UBR-LON | 0.0.0 < 6.0.1.0 | affected |
Weaknesses
- CWE-88: CWE-88 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.