216.73.216.86

CVE-2025-6723

· Published 30/01/2026 14:16 · Modified 30/01/2026 14:16

Labels: CVE-2025-6723 2026-01-30CVE-2025-6723CWE-269[email protected]

Essential information

Published
30/01/2026 14:16
Modified
30/01/2026 14:16
Author
Creator
CVSS
5.8 MEDIUM (v3) 5.8 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Chef InSpec up to version 5.23 creates named pipes with overly permissive default Windows access controls. A local attacker may interfere with the pipe connection process and exploit the insufficient access restrictions to assume the InSpec execution context, potentially resulting in elevated privileges or operational disruption. This issue affects Chef Inspec: through 5.23.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
progress / chef inspec cpe:2.3:a:progress:chef_inspec:<5.23:*:*:*:*:*:*

References