216.73.217.64

CVE-2025-25500

· Published 18/03/2025 14:15 · Modified 19/03/2025 14:15

Labels: CVE-2025-25500 2025-03-18CVE-2025-25500[email protected]

Essential information

Published
18/03/2025 14:15
Modified
19/03/2025 14:15
Author
Creator
CISA KEV
No
CWE

Description

An issue in CosmWasm prior to v2.2.0 allows attackers to bypass capability restrictions in blockchains by exploiting a lack of runtime capability validation. This allows attackers to deploy a contract without capability enforcement, and execute unauthorized actions on the blockchain.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
cosmwasm / cosmwasm cpe:2.3:a:cosmwasm:cosmwasm:<2.2.0:*:*:*:*:*:*:*

References