Red Hat · Keycloak · CVE-2025-7784
**Name of the Vulnerable Software and Affected Versions**
Keycloak (affected versions not specified)
**Description**
A flaw exists in Keycloak when Fine-Grained Admin Permissions (FGAPv2) are enabled. An administrative user who holds the `manage-users` role can escalate privileges to `realm-admin` because privileges are not enforced properly. This unauthorized elevation of access rights compromises the intended separation of administrative duties.
**Recommendations**
At the moment, there is no information about a newer version that fixes this vulnerability.