PT-2025-40351 · Exim · Exim
Matthias Gerstner · Published 2025-10-02 · Updated 2025-12-30
CVE-2025-53881
CVSS v4.0: 6.9 (Medium)
Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
exim versions prior to 4.98.2-lp156.248.1
Description
The exim package contains a UNIX Symbolic Link (Symlink) Following vulnerability in its logrotate configuration. The issue allows privilege escalation from the mail user/group to root.
Recommendations
Update to exim version 4.98.2-lp156.248.1 or later.
Fix
LPE
Affected Products
Exim