Vulnerability Report

CVE-2025-54997

RCE

Title: Openbao RCE

RCE

Proof Of Concept

No public PoC currently indexed for CVE-2025-54997.

CWE Category CWE-94
Published Date Aug 09, 2025
Modified Date Aug 13, 2025
Exploit Status Not Found
Score 9.1 CVSS v3.1
Exploit Probability (EPSS)
0.65%

Vulnerability Summary

CVE-2025-54997: OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, some OpenBao deployments intentionally limit privileged API operators from executing system code or making network connections. However, these operators can bypass both restrictions through the audit subsystem by manipulating log prefixes. This allows unauthorized code execution and network access that violates the intended security model. This issue is fixed in version 2.3.2. To workaround, users can block access to sys/audit/* endpoints using explicit deny policies, but root operators cannot be restricted this way.

Impacted Vendors

O
openbao 1

Reference Links

https://discuss.hashicorp.com/t/hcsec-2025-14-privileged-vault-operator-may-execute-code-on-the-underlying-host/76033 https://github.com/openbao/openbao/pull/1634 https://github.com/openbao/openbao/releases/tag/v2.3.2 https://github.com/openbao/openbao/security/advisories/GHSA-xp75-r577-cvhp
CVSS v3.1
Source Entity [email protected]
Severity CRITICAL
9.1
Attack Vector
NETWORK
Complexity
LOW
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
CHANGED
RAW VECTOR CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2025-54997 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

MODIFIED

Vulnerability data or affected products updated.

MODIFIED

Vulnerability data updated via NVD.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector NETWORK
Complexity LOW
Privileges N/A
Interaction NONE
CVSS Vector String CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected Stack

No specific products linked.