CVE-2025-62001

Summary

BullWall Ransomware Containment supports configurable file and directory exclusions such as '$RECYCLE.BIN' to balance monitoring scope and performance. Certain exclusion patterns could allow an authenticated attacker to rename directories in a way that avoids monitoring. Fixed in 4.6.1.14 and 5.0.0.42, which remove hardcoded exclusion behavior and exposes exclusion handling as configurable settings.

Affected Software

VendorProductVersion RangeStatus
BullWallRansomware Containment4.6.0.0 < 4.6.1.14affected
BullWallRansomware Containment4.6.0.0 < 5.0.0.42affected
BullWallRansomware Containment4.6.1.14unaffected
BullWallRansomware Containment5.0.0.42unaffected

Weaknesses

  • CWE-420: CWE-420 Unprotected Alternate Channel

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References