CVE-2025-62002

Summary

BullWall Ransomware Containment considers the number of files modified to trigger detection. An authenticated attacker could encrypt a single (possibly large) file without triggering detection if thresholds are configured to require multiple file changes. The number of files to trigger detection can be configured by the user. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 are affected. Other versions may also be affected.

Affected Software

VendorProductVersion RangeStatus
BullWallRansomware Containment4.6.0.0 < *affected

Weaknesses

  • CWE-358: CWE-358 Improperly Implemented Security Check for Standard

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References