Google · Google Secops Soar Server · CVE-2025-9918
Name of the Vulnerable Software and Affected Versions:
Google SecOps SOAR Server versions prior to 6.3.54.0
Description:
A path traversal flaw exists in the archive extraction component of Google SecOps SOAR Server. This allows an authenticated attacker with Use Case import permissions to achieve Remote Code Execution (RCE) by uploading a malicious ZIP archive containing path traversal sequences.
Recommendations:
Update Google SecOps SOAR Server to version 6.3.54.0 or later.