PT-2025-42513 · Icinga 2+1 · Icinga 2+1

Published

2025-10-16

Updated

2025-10-29

CVE-2025-61909

CVSS v3.1

4.4

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Icinga 2 versions 2.10.0 through 2.15.0 Icinga 2 version 2.14.6 and earlier Icinga 2 version 2.13.12 and earlier

Description Icinga 2, an open source monitoring system, has an issue where the safe-reload script and logrotate configuration read the process ID (PID) from a file writable by the Icinga daemon user, but send signals as the root user. This allows the Icinga user to send signals to processes they would normally lack permission to control. The script is also used during systemctl reload icinga2.

Recommendations Update to Icinga 2 version 2.15.1. Update to Icinga 2 version 2.14.7. Update to Icinga 2 version 2.13.13.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-250

Related Identifiers

CVE-2025-61909

GHSA-PG6G-G99V-MW46

OPENSUSE-SU-2025:15644-1

Affected Products

Debian

Icinga 2

PT-2025-42513 · Icinga 2+1 · Icinga 2+1

CVE-2025-61909

Weakness Enumeration

Related Identifiers

Affected Products

References · 19