PT-2025-52342 · Bullwall · Bullwall
| Field | Value |
|---|---|
| Author | Alexander Nikolaj |
| Published | 2025-12-18 |
| Updated | 2025-12-19 |
| CVE | CVE-2025-62004 |
| CVSS v4.0 | 7.7 (High) |
| Vector | AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
BullWall versions 4.6.0.0 through 4.6.1.4
Description
BullWall Server Intrusion Protection services start after login services. An attacker who is already authenticated and has administrative privileges can log in following a system boot, bypassing Multi-Factor Authentication (MFA). The Session Initiation Protocol (SIP) service does not enforce authentication challenges retroactively, nor does it disconnect unauthenticated sessions.
Recommendations
Versions prior to 4.6.0.0 and versions after 4.6.1.4 should be investigated for potential impact.
Ensure that the BullWall Server Intrusion Protection services are initialized before login services.
Verify that the SIP service enforces authentication challenges retroactively and disconnects unauthenticated sessions.
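As an added illustration (not code from the advisory or the vendor), the following Python model shows the ordering race described above and the two mitigations in the recommendations: a login service that only consults the MFA enforcer if it is already running, an enforcer that can re-check sessions opened before it started, and a boot sequence in either order. All class and function names are hypothetical.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Session:
    user: str
    mfa_verified: bool = False
    active: bool = True


class MfaEnforcer:
    """Hypothetical stand-in for the protection service that issues MFA challenges."""

    def __init__(self, retroactive: bool):
        self.running = False
        self.retroactive = retroactive

    def challenge(self, session: Session, second_factor_ok: bool) -> bool:
        session.mfa_verified = second_factor_ok
        return second_factor_ok

    def start(self, login_service: "LoginService") -> None:
        self.running = True
        if self.retroactive:
            # Mitigation 2: re-check every session opened before the enforcer came up
            for s in login_service.sessions:
                if s.active and not s.mfa_verified:
                    s.active = False  # disconnect: a pre-start login was never challenged


class LoginService:
    def __init__(self, enforcer: MfaEnforcer):
        self.enforcer = enforcer
        self.sessions: List[Session] = []

    def login(self, user: str, second_factor_ok: bool) -> Optional[Session]:
        s = Session(user)
        if self.enforcer.running:
            if not self.enforcer.challenge(s, second_factor_ok):
                return None  # challenge failed: no session is created
        # Enforcer not running yet: the login is accepted with no challenge at all
        self.sessions.append(s)
        return s


def simulate_boot(enforcer_starts_first: bool, retroactive: bool) -> str:
    """Admin logs in with no second factor; returns the outcome once both services are up."""
    enforcer = MfaEnforcer(retroactive)
    login = LoginService(enforcer)
    if enforcer_starts_first:
        enforcer.start(login)  # Mitigation 1: protection service initialised before login
    session = login.login("admin", second_factor_ok=False)
    if not enforcer_starts_first:
        enforcer.start(login)  # the vulnerable order: login service was up first
    if session is None:
        return "rejected"
    return "disconnected" if not session.active else "bypassed"
```

`simulate_boot(False, False)` is the advisory's case: the admin session survives with no MFA challenge; either mitigation alone closes it.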
Fix
Weakness Enumeration
Time Of Check To Time Of Use
Affected Products
Bullwall