CVE-2025-9918
8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
Summary
A Path Traversal vulnerability in the archive extraction component in Google SecOps SOAR Server (versions 6.3.54.0, 6.3.53.2, and all prior versions) allows an authenticated attacker with permissions to import Use Cases to achieve Remote Code Execution (RCE) via uploading a malicious ZIP archive containing path traversal sequences.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Google Cloud | Google SecOps SOAR | 0 < 6.3.54.0 | affected |
| Google Cloud | Google SecOps SOAR | 0 < 6.3.53.2 | affected |
Weaknesses
- CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://cloud.google.com/support/bulletins?gcp-2025-049
- https://cloud.google.com/chronicle/docs/security-bulletins#GCP-2025-049
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.