CNNVD-202509-2318 Information

CNNVD ID

CNNVD-202509-2318

Related CVE

CVE-2025-57625

• CNNVD Published: 2025-09-16

Description (Chinese)

CYRISMA Sensor是美国CYRISMA公司的一个扫描与检测组件。 CYRISMA Sensor 444之前版本存在安全漏洞，该漏洞源于文件夹和文件权限不安全，可能导致低权限用户替换二进制文件并执行任意代码，从而提升权限。

Description (English)

CYRISMA Sensor is a scanning and testing component of CYRISMA in the United States. There was a security loophole in the previous version of CYRISMA Sensor 444, which stemmed from the insecurity of folders and file permissions, which could lead to the replacement of binary files and the enforcement of any code by low-permissible users, thereby increasing the privileges.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

CYRISMA

Published

2025-09-16

Last Modified

2026-02-24

References

https://msry1.gitbook.io/thegoldenrecord/blog/vulnerability-and-bug-disclosures/cyrsma-sensor-version-less-than-2.5 https://youtu.be/2DScqXPtrWw https://access.redhat.com/security/cve/cve-2025-57625

Patch

https://www.cyrisma.com/