PT-2025-28375 · Unknown · Knoxvault Trustlet
Dawuge
·
Published
2025-07-08
·
Updated
2025-07-08
·
CVE-2025-20983
CVSS v3.1
6.7
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
KnoxVault trustlet versions prior to SMR Jul-2025 Release 1
Description:
The issue is related to an out-of-bounds write in the authentication secret checking process. This allows local privileged attackers to write to memory outside the intended boundaries.
Recommendations:
For versions prior to SMR Jul-2025 Release 1, update to SMR Jul-2025 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the trustlet to minimize the risk of exploitation.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Knoxvault Trustlet