PT-2025-53317 · Rhivos+2 · Rhivos+2
Thibault Guittet
+1
·
Publicado
2025-12-24
·
Atualizado
2025-12-24
·
CVE-2025-2515
CVSS v3.1
7.2
Alta
| Vetor | AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
BlueChi (affected versions not specified)
Description
A flaw exists in BlueChi, a multi-node systemd service controller used in RHIVOS. A user possessing root privileges on a managed node (qm) can create or override systemd service unit files impacting the host node. This can result in privilege escalation, unauthorized service execution, and potential system compromise.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
LPE
Incorrect Authorization
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Bluechi
Rhivos
Systemd