PT-2025-37160 · Google · Google Secops Soar Server
Jakub Domeracki
+1
·
Published
2025-09-11
·
Updated
2025-09-13
·
CVE-2025-9918
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions:
Google SecOps SOAR Server versions prior to 6.3.54.0
Description:
A path traversal flaw exists in the archive extraction component of Google SecOps SOAR Server. This allows an authenticated attacker with Use Case import permissions to achieve Remote Code Execution (RCE) by uploading a malicious ZIP archive containing path traversal sequences.
Recommendations:
Update Google SecOps SOAR Server to version 6.3.54.0 or later.
Fix
RCE
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Google Secops Soar Server