CVE-2025-20386 | THREATINT

Description

In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Splunk Enterprise for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.

PUBLISHED Reserved 2024-10-10 | Published 2025-12-03 | Updated 2025-12-04 | Assigner cisco

HIGH: 8.0CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Problem types

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

Product status

10.0 (custom) before 10.0.2

affected

9.4 (custom) before 9.4.6

affected

9.3 (custom) before 9.3.8

affected

9.2 (custom) before 9.2.10

affected

References

advisory.splunk.com/advisories/SVD-2025-1205

cve.org (CVE-2025-20386)

nvd.nist.gov (CVE-2025-20386)