
CVE-2025-1131

Published 23/09/2025 05:15 · Modified 24/09/2025 18:11

Labels: CVE-2025-1131, 2025-09-23, CWE-427, b7efe717-a805-47cf-8e9a-921fca0ce0ce

Essential information

Published: 23/09/2025 05:15
Modified: 24/09/2025 18:11
Author:
Creator:
CVSS: 7.0 HIGH (v3), 7.0 HIGH (v4.0)
CISA KEV: No
CWE:
CVSS vector:

Description

A local privilege escalation vulnerability exists in the safe_asterisk script included with the Asterisk toolkit package. When Asterisk is started via this script (common in SysV init or FreePBX environments), it sources all .sh files located in /etc/asterisk/startup.d/ as root, without validating ownership or permissions. Non-root users with legitimate write access to /etc/asterisk can exploit this behaviour by placing malicious scripts in the startup.d directory, which will then execute with root privileges upon service restart.
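
A defensive audit for the condition described above, as an added example that is not part of the CVE record or the Asterisk project: it reports anything on the startup.d path that is not owned by the trusted uid or is group- or world-writable. The function name, its arguments and the FINDING output format are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not Asterisk project code): audit the directory that
# safe_asterisk sources as root, per the CVE-2025-1131 description.
# Function name, arguments and output format are this example's own.

# audit_startup_d [DIR] [TRUSTED_UID]
#   Prints one FINDING line per problem; returns 1 if any were found.
audit_startup_d() {
    asd_dir=${1:-/etc/asterisk/startup.d}
    asd_uid=${2:-0}          # owner expected on everything root will source
    asd_rc=0

    # The parent and the directory are checked as well as the files: write
    # access to either lets a user add, replace or rename entries, and a
    # writable parent lets a user create startup.d when it does not exist yet.
    for asd_path in "$(dirname "$asd_dir")" "$asd_dir" "$asd_dir"/*.sh; do
        # Skip paths that do not exist (absent directory, unmatched glob).
        [ -e "$asd_path" ] || [ -L "$asd_path" ] || continue

        if [ -L "$asd_path" ]; then
            # A symlink's target can live anywhere; report it for manual review.
            echo "FINDING symlink: $asd_path"
            asd_rc=1
            continue
        fi
        # -prune stops find from descending, so only the path itself is tested.
        if [ -n "$(find "$asd_path" -prune ! -user "$asd_uid" -print)" ]; then
            echo "FINDING not owned by uid $asd_uid: $asd_path"
            asd_rc=1
        fi
        if [ -n "$(find "$asd_path" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
            echo "FINDING group- or world-writable: $asd_path"
            asd_rc=1
        fi
    done
    return "$asd_rc"
}

# Usage on a host: audit_startup_d /etc/asterisk/startup.d 0
```

A non-zero return means at least one path could be modified by an account other than the trusted uid before the next service restart.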

NVD status

Status: Awaiting Analysis. CVE has been recently published to the CVE List and has been received by the NVD.
Source: b7efe717-a805-47cf-8e9a-921fca0ce0ce

Affected products (CPE)

Product: asterisk / asterisk
CPE: cpe:2.3:a:asterisk:asterisk:*:*:*:*:*:*:*:*
