Description

BullWall Server Intrusion Protection services are initialized after login services. An authenticated attacker with administrative permissions can log in after boot and bypass MFA. The SIP service does not retroactively enforce the challenge or disconnect unauthenticated sessions. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected.

PUBLISHED | Reserved 2025-10-07 | Published 2025-12-18 | Updated 2025-12-19 | Assigner cisa-cg




HIGH: 7.5 (CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N)

MEDIUM: 6.2 (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L)

Problem types

CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

Product status

Default status: unknown

4.6.0.0 (custom) before *: affected

Credits

Alexander Nikolaj Fischer

References

raw.githubusercontent.com/...IT/white/2025/va-25-352-01.json (url)

www.cve.org/CVERecord?id=CVE-2025-62004 (url)

cve.org (CVE-2025-62004)

nvd.nist.gov (CVE-2025-62004)

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.