CVE-2025-32801 | THREATINT

Description

Kea configuration and API directives can be used to load a malicious hook library. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8.

PUBLISHED Reserved 2025-04-10 | Published 2025-05-28 | Updated 2025-05-28 | Assigner isc

HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-94 Improper Control of Generation of Code ('Code Injection')

Product status

Default status

unaffected

2.4.0 (custom)

affected

2.6.0 (custom)

affected

2.7.0 (custom)

affected

Credits

ISC would like to thank Matthias Gerstner from the SUSE security team and Laura Pardo from Red Hat's Product Security Team for bringing this vulnerability to our attention.

References

kb.isc.org/docs/cve-2025-32801 (CVE-2025-32801) vendor-advisory

cve.org (CVE-2025-32801)

nvd.nist.gov (CVE-2025-32801)

Download JSON