PT-2025-52342 · Bullwall · Bullwall

Alexander Nikolaj · Published 2025-12-18 · Updated 2025-12-19 · CVE-2025-62004

CVSS v4.0: 7.7 (High)

Vector: AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions

BullWall versions 4.6.0.0 through 4.6.1.4

Description

BullWall Server Intrusion Protection services start after login services. An attacker who is already authenticated and has administrative privileges can log in following a system boot, bypassing Multi-Factor Authentication (MFA). The Session Initiation Protocol (SIP) service does not enforce authentication challenges retroactively, nor does it disconnect unauthenticated sessions.

Recommendations

Versions prior to 4.6.0.0 and versions after 4.6.1.4 should be investigated for potential impact. Ensure that the BullWall Server Intrusion Protection services are initialized before login services. Verify that the SIP service enforces authentication challenges retroactively and disconnects unauthenticated sessions.

Fix

Time Of Check To Time Of Use


Weakness Enumeration

Related Identifiers

CVE-2025-62004

Affected Products

Bullwall