Home

Description

An authenticated arbitrary file upload vulnerability in Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted patch file.

PUBLISHED Reserved 2025-10-27 | Published 2026-03-03 | Updated 2026-03-03 | Assigner mitre




HIGH: 7.2CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:H/S:U/UI:N

References

docs.stoneram.com/index.php/Tranzman

github.com/GregDurys/Cohesity-TranZman-CVEs

gist.github.com/GregDurys/74c36c36bef81293a42022758f2736a9

cve.org (CVE-2025-63910)

nvd.nist.gov (CVE-2025-63910)

Download JSON