216.73.216.86

CVE-2025-62004

· Published 18/12/2025 21:15 · Modified 19/12/2025 18:00

Labels: CVE-2025-62004 2025-12-189119a7d8-5eab-497f-8521-727c672e3725CVE-2025-62004

Essential information

Published
18/12/2025 21:15
Modified
19/12/2025 18:00
Author
Creator
CVSS
7.5 HIGH (v3) 7.5 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

BullWall Server Intrusion Protection services are initialized after login services. An authenticated attacker with administrative permissions can log in after boot and bypass MFA. SIP service does not retroactively enforce the challenge or disconnect unauthenticated sessions. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
9119a7d8-5eab-497f-8521-727c672e3725
NVD
View on NVD

References