CVE-2025-63909 | THREATINT

Description

Incorrect access control in the component /opt/SRLtzm/bin/TapeDumper of Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers to escalate privileges to root and read and write arbitrary files.

PUBLISHED Reserved 2025-10-27 | Published 2026-03-03 | Updated 2026-03-03 | Assigner mitre

HIGH: 7.2CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:H/S:U/UI:N

References

gist.github.com/GregDurys/d402038147e36de5908159d9722072ef

github.com/GregDurys/Cohesity-TranZman-CVEs

cve.org (CVE-2025-63909)

nvd.nist.gov (CVE-2025-63909)

Download JSON