{"cve":{"cve_id":"CVE-2025-12381","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00137,"epss_percentile":0.03461,"epss_as_of":"2026-06-23","description":"Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows Privilege Escalation, Parameter Injection.\n\nA local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file. \nThis issue affects Firewall Analyzer: A33.0, A33.10.","published_at":"2025-12-09T13:41:53.393000Z","last_modified_at":null,"cvss_v3_score":null,"cvss_v3_vector":null,"cvss_v3_severity":null,"cvss_v4_score":6.1,"cvss_v4_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/AU:Y/R:U/RE:L/U:Amber","cvss_v4_severity":"MEDIUM","ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-269"],"nvd_references":["https://techdocs.algosec.com/en/cves/Content/tech-notes/cves/cve-2025-12381.htm"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:25:15.997381Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":null,"metrics":[]},"cvss_v4_decoded":{"version":"4.0","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"AT","name":"Attack Requirements","value":"P","value_label":"Present"},{"metric":"PR","name":"Privileges Required","value":"L","value_label":"Low"},{"metric":"UI","name":"User Interaction","value":"A","value_label":"Active"},{"metric":"VC","name":"Confidentiality (Vulnerable System)","value":"L","value_label":"Low"},{"metric":"VI","name":"Integrity (Vulnerable System)","value":"H","value_label":"High"},{"metric":"VA","name":"Availability (Vulnerable System)","value":"H","value_label":"High"},{"metric":"SC","name":"Confidentiality (Subsequent System)","value":"H","value_label":"High"},{"metric":"SI","name":"Integrity (Subsequent System)","value":"H","value_label":"High"},{"metric":"SA","name":"Availability (Subsequent System)","value":"H","value_label":"High"},{"metric":"S","name":"Scope","value":"N","value_label":"None"},{"metric":"AU","name":"AU","value":"Y","value_label":"Y"},{"metric":"R","name":"R","value":"U","value_label":"Unchanged"},{"metric":"RE","name":"RE","value":"L","value_label":"Low"},{"metric":"U","name":"U","value":"Amber","value_label":"Amber"}]},"affected":[{"vendor_slug":"algosec","vendor_name":"AlgoSec","product_slug":"firewall-analyzer","product_name":"Firewall Analyzer","version_start":"A33.0 (up to build 320)","version_start_inclusive":true,"version_end":"A33.0 (up to build 320)","version_end_inclusive":true,"cpe23_uri":"cve5:algosec:firewall-analyzer:A33.0 (up to build 320):A33.0 (up to build 320)"},{"vendor_slug":"algosec","vendor_name":"AlgoSec","product_slug":"firewall-analyzer","product_name":"Firewall Analyzer","version_start":"A33.10 (up to build 220)","version_start_inclusive":true,"version_end":"A33.10 (up to build 220)","version_end_inclusive":true,"cpe23_uri":"cve5:algosec:firewall-analyzer:A33.10 (up to build 220):A33.10 (up to build 220)"}],"exploit_refs":[],"news":[],"references":[{"url":"https://techdocs.algosec.com/en/cves/Content/tech-notes/cves/cve-2025-12381.htm","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2025-12-09T13:41:53.393000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:41:20.329609Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:41:20.329609Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:41:20.329609Z","label":"CVSS score revised","source":"cvelistv5"}]}