CVE-2025-4228

An incorrect privilege assignment vulnerability in Palo Alto Networks Cortex® XDR Broker VM allows an authenticated administrative user to execute certain files available within the Broker VM and escalate their privileges to root.

CVSS

No CVSS.

References

Link	Resource
https://security.paloaltonetworks.com/CVE-2025-4228

Configurations

No configuration.

History

16 Jun 2025, 12:32

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de asignación incorrecta de privilegios en Palo Alto Networks Cortex® XDR Broker VM permite que un usuario administrativo autenticado ejecute ciertos archivos disponibles dentro de Broker VM y escale sus privilegios a root.

13 Jun 2025, 00:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-13 00:15

Updated : 2025-06-16 12:32

NVD link : CVE-2025-4228

Mitre link : CVE-2025-4228

CVE.ORG link : CVE-2025-4228

JSON object : View

Products Affected

No product.

CWE

CWE-266

Incorrect Privilege Assignment

{"id": "CVE-2025-4228", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 4.6, "Automatable": "NO", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-06-13T00:15:23.233", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2025-4228", "source": "psirt@paloaltonetworks.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "description": [{"lang": "en", "value": "CWE-266"}]}], "descriptions": [{"lang": "en", "value": "An incorrect privilege assignment vulnerability in Palo Alto Networks Cortex\u00ae XDR Broker VM allows an authenticated administrative user to execute certain files available within the Broker VM and escalate their privileges to root."}, {"lang": "es", "value": "Una vulnerabilidad de asignaci\u00f3n incorrecta de privilegios en Palo Alto Networks Cortex\u00ae XDR Broker VM permite que un usuario administrativo autenticado ejecute ciertos archivos disponibles dentro de Broker VM y escale sus privilegios a root."}], "lastModified": "2025-06-16T12:32:18.840", "sourceIdentifier": "psirt@paloaltonetworks.com"}