CNNVD-202510-514 Information

CNNVD ID

CNNVD-202510-514

Related CVE

CVE-2025-27237

• CNNVD Published: 2025-10-03

Description (Chinese)

Zabbix Agent是拉脱维亚Zabbix公司的一个Zabbix中的组件。 Zabbix Agent存在安全漏洞，该漏洞源于OpenSSL配置文件加载路径可被低权限用户写入，可能导致本地权限提升。

Description (English)

Zabbix Agent is part of a Zabbix company in Latvia. Zabix Agent has a security loophole, which stems from the fact that the OpenSSL configuration file loads paths that can be written by low-licensed users, which may result in local privileges being raised.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Zabbix

Published

2025-10-03

Last Modified

2026-02-24

References

https://support.zabbix.com/browse/ZBX-27061 https://vigilance.fr/vulnerability/Zabbix-executing-DLL-code-via-OpenSSL-Configuration-File-48384

Patch

https://support.zabbix.com/browse/ZBX-27061