CVE-2025-3722

A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and exposing sensitive information disclosure.

CVSS v3 4.4 MEDIUM

4.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://thrive.trellix.com/s/article/000014635	Permissions Required

Configurations

Configuration 1 (hide)

cpe:2.3:a:trellix:system_information_reporter:*:*:*:*:*:*:*:*

History

11 Feb 2026, 21:40

Type	Values Removed	Values Added
First Time		Trellix Trellix system Information Reporter
References	~~() https://thrive.trellix.com/s/article/000014635 -~~	() https://thrive.trellix.com/s/article/000014635 - Permissions Required
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 4.4
CPE		cpe:2.3:a:trellix:system_information_reporter::::::::
Summary		(es) Una vulnerabilidad de path traversal en System Information Reporter (SIR) 1.0.3 y anteriores permitía a un usuario autenticado con privilegios elevados emitir solicitudes POD maliciosas a System Information Reporter, lo que llevaba a la creación de archivos en cualquier parte del sistema de archivos y posiblemente a sobrescribir archivos existentes y exponer información confidencial.

26 Jun 2025, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-26 11:15

Updated : 2026-02-11 21:40

NVD link : CVE-2025-3722

Mitre link : CVE-2025-3722

CVE.ORG link : CVE-2025-3722

JSON object : View

Products Affected

trellix

system_information_reporter

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2025-3722", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 0.8}], "cvssMetricV40": [{"type": "Secondary", "source": "trellixpsirt@trellix.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 0.0, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-06-26T11:15:26.427", "references": [{"url": "https://thrive.trellix.com/s/article/000014635", "tags": ["Permissions Required"], "source": "trellixpsirt@trellix.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "trellixpsirt@trellix.com", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and exposing sensitive information disclosure."}, {"lang": "es", "value": "Una vulnerabilidad de path traversal en System Information Reporter (SIR) 1.0.3 y anteriores permit\u00eda a un usuario autenticado con privilegios elevados emitir solicitudes POD maliciosas a System Information Reporter, lo que llevaba a la creaci\u00f3n de archivos en cualquier parte del sistema de archivos y posiblemente a sobrescribir archivos existentes y exponer informaci\u00f3n confidencial."}], "lastModified": "2026-02-11T21:40:42.813", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:trellix:system_information_reporter:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCB204E5-A954-45E1-AEB7-B2A9B7D523F7", "versionEndIncluding": "1.0.3"}], "operator": "OR"}]}], "sourceIdentifier": "trellixpsirt@trellix.com"}