PT-2025-29202 · Apache · Apache Service Control

Noam Moshe

Published

2025-07-11

Updated

2025-08-08

CVE-2025-30025

CVSS v4.0

4.8

Vector

AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:L/SI:L/SA:L

Name of the Vulnerable Software and Affected Versions:

Apache Service Control (affected versions not specified)

Description:

The communication protocol used between the server process and the service control had a flaw that could lead to a local privilege escalation.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Deserialization of Untrusted Data

Weakness Enumeration

CVE-2025-30025

Apache Service Control