216.73.217.24

CVE-2025-13428

· Published 09/12/2025 16:17 · Modified 09/12/2025 18:37

Labels: CVE-2025-13428 2025-12-09CVE-2025-13428CWE-20f45cbf4e-4146-4068-b7e1-655ffc2c548c

Essential information

Published
09/12/2025 16:17
Modified
09/12/2025 18:37
Author
Creator
CVSS
8.6 HIGH (v3) 8.6 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user with an "IDE role" to achieve Remote Code Execution (RCE) in the server. The flaw stemmed from weak validation of uploaded Python package code. An attacker could upload a package containing a malicious setup.py file, which would execute on the server during the installation process, leading to potential server compromise. No customer action is required. All customers have been automatically upgraded to the fixed version: 6.3.64 or higher.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
f45cbf4e-4146-4068-b7e1-655ffc2c548c
NVD
View on NVD

References