PT-2025-42432 · Samba+6

Published: 2025-01-01 · Updated: 2026-03-10 · CVE-2025-10230

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Samba versions prior to 4.21.9, 4.21.5, and 4.23.2

Description

A critical flaw exists in Samba, specifically in the handling of WINS hook requests. The vulnerability occurs because NetBIOS names received in WINS registration packets are passed to a shell without proper validation or escaping. This allows an unauthenticated network attacker to execute arbitrary commands on a Samba Active Directory Domain Controller. The vulnerability is triggered when the wins support option is enabled and a wins hook parameter is configured. The issue stems from a lack of input sanitization, allowing shell metacharacters within the NetBIOS name to be interpreted as shell commands.

Recommendations

Update Samba to version 4.21.9 or later. Update Samba to version 4.23.2 or later. If updating is not possible, disable the WINS server feature by setting wins support = no in the Samba configuration file. If updating is not possible, remove the wins hook parameter from the Samba configuration file.
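The following check is an added example (not part of the advisory or of the Samba project) that reads an smb.conf and reports whether it combines wins support = yes with a wins hook, the configuration the advisory says is required to trigger the flaw; it also shows the mitigated form beside it. It assumes plain "key = value" syntax without "include =" directives; the sample configurations and the hook path /usr/local/sbin/wins-notify are constructed placeholders.

```shell
#!/bin/sh
# Added configuration check (not from the advisory or the Samba project).
# Assumptions: plain "key = value" smb.conf syntax, comments start with # or ;,
# "include =" directives are not followed. Parameter names are compared
# case-insensitively with internal whitespace removed, and a later occurrence
# of a key overrides an earlier one.
# Exit status: 0 = wins support enabled together with a wins hook, 1 = not present.
samba_wins_hook_exposed() {
    awk '
        /^[[:space:]]*[#;]/ || /^[[:space:]]*\[/ { next }   # skip comments and [sections]
        index($0, "=") > 0 {
            pos = index($0, "=")
            key = tolower(substr($0, 1, pos - 1)); gsub(/[[:space:]]/, "", key)
            val = tolower(substr($0, pos + 1)); gsub(/^[[:space:]]+|[[:space:]]+$/, "", val)
            if (key == "winssupport") support = (val == "yes" || val == "true" || val == "1")
            if (key == "winshook")    hook = (val != "")
        }
        END { exit ((support && hook) ? 0 : 1) }
    ' "$1"
}

# Constructed sample configurations (placeholder values, not real deployments).
VULNERABLE_CONF='[global]
   workgroup = EXAMPLE
   wins support = yes
   wins hook = /usr/local/sbin/wins-notify'

# Mitigated form from the recommendations: WINS server disabled.
MITIGATED_CONF='[global]
   workgroup = EXAMPLE
   wins support = no
   wins hook = /usr/local/sbin/wins-notify'

# Writes a config string to a temporary file, runs the check and prints a verdict.
report() {
    f=$(mktemp) || return 2
    printf '%s\n' "$2" > "$f"
    if samba_wins_hook_exposed "$f"; then
        echo "$1: EXPOSED - wins support enabled with a wins hook; update Samba or set wins support = no"
    else
        echo "$1: ok - risky combination not present"
    fi
    rm -f "$f"
}

report vulnerable "$VULNERABLE_CONF"
report mitigated  "$MITIGATED_CONF"
```

On a live host, run the check against the path your Samba build actually loads (testparm -v prints the effective configuration) rather than only the default /etc/samba/smb.conf.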

Tags: Exploit · Fix · RCE · OS Command Injection

Related Identifiers

ALT-PU-2025-13456
ALT-PU-2025-13458
AZL-69782
AZL-69830
BDU:2025-13037
CVE-2025-10230
ECHO-5437-9508-127B
OESA-2025-2509
OESA-2025-2510
OESA-2025-2511
OESA-2025-2512
OESA-2025-2513
OESA-2025-2539
OPENSUSE-SU-2025:15649-1
OPENSUSE-SU-2025:20048-1
SUSE-SU-2025:03603-1
SUSE-SU-2025:03604-1
SUSE-SU-2025:03612-1
SUSE-SU-2025:03618-1
SUSE-SU-2025:21005-1
SUSE-SU-2025:21026-1
SUSE-SU-2025:3676-1
SUSE-SU-2025:3677-1
SUSE-SU-2025_03603-1
SUSE-SU-2025_03604-1
SUSE-SU-2025_03612-1
SUSE-SU-2025_03618-1
SUSE-SU-2025_21005-1
SUSE-SU-2025_3676-1
SUSE-SU-2025_3677-1
USN-7826-1
USN-7826-2

Affected Products

ALT Linux
Debian
Linux Mint
RED OS
Samba
SUSE
Ubuntu