CVE-2025-64996 (GCVE-0-2025-64996)
Vulnerability from cvelistv5
Published
2025-11-18 15:10
Modified
2025-11-18 21:23
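Severity: 4.8 (MEDIUM), CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N (CNA score, taken from the record below)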
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Summary
In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mk_inotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin's output and manipulate it, potentially leading to unauthorized access to or modification of monitoring data.
References
| URL | Tags |
|---|---|
| https://checkmk.com/werk/18570 | |
Impacted products
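| Vendor | Product | Version |
|---|---|---|
| Checkmk GmbH | Checkmk | Version: 2.4.0 ≤ version < 2.4.0p16; Version: 2.3.0 ≤ version < 2.3.0p41; Version: 2.2.0 (affected, no fixed release listed in the record); Version: 2.1.0 (affected, no fixed release listed in the record) |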
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-64996",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T21:22:39.861013Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T21:23:15.114Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Checkmk GmbH",
"versions": [
{
"lessThan": "2.4.0p16",
"status": "affected",
"version": "2.4.0",
"versionType": "semver"
},
{
"lessThan": "2.3.0p41",
"status": "affected",
"version": "2.3.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "2.2.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.4.0p16",
"versionStartIncluding": "2.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3.0p41",
"versionStartIncluding": "2.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mk_inotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin\u0027s output and manipulate it, potentially leading to unauthorized access to or modification of monitoring data."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180: Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732: Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T15:10:53.398Z",
"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"shortName": "Checkmk"
},
"references": [
{
"url": "https://checkmk.com/werk/18570"
}
],
"title": "Overly broad file permissions in the mk_inotify plugin allows reading and manipulating the plugin\u0027s output",
"x_generator": {
"engine": "cvelib 1.8.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f",
"assignerShortName": "Checkmk",
"cveId": "CVE-2025-64996",
"datePublished": "2025-11-18T15:10:53.398Z",
"dateReserved": "2025-11-12T09:16:24.091Z",
"dateUpdated": "2025-11-18T21:23:15.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-64996\",\"sourceIdentifier\":\"security@checkmk.com\",\"published\":\"2025-11-18T16:15:46.563\",\"lastModified\":\"2025-11-24T14:13:26.960\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mk_inotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin\u0027s output and manipulate it, potentially leading to unauthorized access to or modification of monitoring data.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security@checkmk.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"LOW\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":
\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":4.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"security@checkmk.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-732\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.3.0\",\"matchCriteriaId\":\"784262E3-E643-4564-9FFE-BB8FEDB0A662\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"83202950-840A-4CB7-AD96-CE62E84FABD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A020A77-7D84-4557-9B0B-D74A89BC1538\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9770554-978B-4552-9E0E-CD6B6675243C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*\",\"matchCriteriaId\":\"1883D2F4-CB96-4DDE-87E8-D1990A3FA092\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:*\",\"matchCriteriaId\":\"99AD6F39-AF67-4CB9-BED2-00CA75B9F5DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:*\",\"matchCriteriaId\":\"F08FE580-67D4-419C-AE4A-3B9EBC6A2838\"
},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DD5C67F-CD3E-400E-802D-8B52408A259F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"310A2FA2-633A-48FB-A5C2-9A9A922E72E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C0F1DC8-D9DF-4A7A-80DC-618FAB091375\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B0A1E3E-1B5A-4346-95BC-DE6FF6EE14CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB52B2A7-BDC1-4A4F-ABAF-69C1BA8E83C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F89225F-6969-4D89-B889-9CB09972825B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p14:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A1B23EA-4571-4E4E-80BC-FD76FFD83FFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p15:*:*:*:*:*:*\",\"matchCriteriaId\":\"625A6998-5DAE-4538-9760-20523CCE501F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p16:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EFD4461-2C37-418F-90AD-3A956B2D91C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p17:*:*:*:*:*:*\",\"matchCriteriaId\":\"88523633-844C-41FE-ADF1-74D6AA2BCE6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p18:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DA03E01-06D1-4E18-9C7B-CB6E49E5954B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p19:*:*:*:*:*:*\",\"matchCriteriaId\":\"91F171B6-7F9A-4B9B-B53D-277FE74124F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D1993E3-C4F9-4D78-BD02-A0B22D93BF1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p20:*:*:*
:*:*:*\",\"matchCriteriaId\":\"34FF7D09-2129-4266-BF71-5424DC9E18B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p21:*:*:*:*:*:*\",\"matchCriteriaId\":\"246F0BA5-F927-4204-97F3-51870072599F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p22:*:*:*:*:*:*\",\"matchCriteriaId\":\"86ED47B6-58FB-4BAC-9C87-F7BC08AB3870\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p23:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CFF173A-373B-4948-BD22-86C031B58E6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p24:*:*:*:*:*:*\",\"matchCriteriaId\":\"90648825-55F7-472A-944E-7E5C787FAFB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p25:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EE2BA6D-737A-4EEB-B8A2-91E9C61B70C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p26:*:*:*:*:*:*\",\"matchCriteriaId\":\"94FA8F05-267D-4B24-9AA3-A77FAD259310\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p27:*:*:*:*:*:*\",\"matchCriteriaId\":\"085B463B-633A-447A-B61C-99DD78B49A00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p28:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5DB112B-EE65-4BAB-AED8-716E618FD89C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p29:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD9EDBC8-A6A7-4348-8446-1D1DDDACDC51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B28A0C9D-072A-413C-8587-CD57CB918190\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p30:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB0E10D1-2497-4CAE-ABA5-9F861C6A65DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p31:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E64A46A-A1E2-4272-A7B8-36140AF2B889\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p32:*:*:*:*:*:*\",\"matchCriteriaId\":\"28568D2A-CA5B-42C2-8A32-FF783CB7A06F\"},{\"vul
nerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p33:*:*:*:*:*:*\",\"matchCriteriaId\":\"F82F8827-B7B2-4C10-A42A-77781BC7B24B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p34:*:*:*:*:*:*\",\"matchCriteriaId\":\"F641BB83-8A0D-42D0-AB3E-7314918FDC9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p35:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCCE61D4-00B1-4D83-8FAE-8F2FA8F48E2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p36:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDB9628A-5A72-4DD5-9D4A-CBE13B0CFDF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p37:*:*:*:*:*:*\",\"matchCriteriaId\":\"E34FEBB1-0935-4363-B4FE-45901BFC9A5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p38:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C43DE3C-0098-4613-B2A4-39607A63CE42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p39:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F5F5665-C2A9-4877-B3F6-59059A1EEFF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF22D0A7-82B1-4598-B8C5-BDFE523D07F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p40:*:*:*:*:*:*\",\"matchCriteriaId\":\"7352D105-D045-427C-BA79-0B16D41139D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"20035AFB-75B4-4164-9833-A2FCAE24B577\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BCBACEB-7130-455D-B4BE-243053C116DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"156384E2-E04B-4153-A91F-3F307C9FEAE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEC0ED95-F43B-46D7-9AA0-A0FB1C32EF1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.3.0:p9:*:*:*:*:*:*\",\"
matchCriteriaId\":\"91C194C1-5292-4E2A-BB71-9C5CD3CE6194\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"022C075A-4B04-4141-A7D7-F93C9A7CE0FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"60C00469-0CD1-4E9C-8370-CE113842056C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:b2:*:*:*:*:*:*\",\"matchCriteriaId\":\"179905FC-821F-4214-A872-E4E3702419D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:b3:*:*:*:*:*:*\",\"matchCriteriaId\":\"04956994-D5A8-45EE-9DC2-8A1D3058CE8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:b4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8868449B-7259-4C3B-8344-0EFE0BA3A97E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:b5:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBDF3A13-582F-43D2-B42F-0DC42D4FBFBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:b6:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAF500B3-AA6A-4618-BC7E-0F214B795E0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CFE68AB-1F57-497C-9229-29ED3A73D87F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"577F9F72-2FDA-4F87-A840-05158F2368B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F3AD894-660B-41FC-B910-899A764A00B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"21853BB4-1BB5-40E3-82E2-253899D898ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7963D66-A89A-4167-A2BA-DFF89B439EAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p14:*:*:*:*:*:*\",\"matchCriteriaId\":\"42099281-2026-4507-A20B-C669C206ADB6\"},{\"vulnerable\":true,\"cr
iteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p15:*:*:*:*:*:*\",\"matchCriteriaId\":\"29A44B1E-83CD-4A3D-AFFD-82AAC7760293\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B11306B4-1092-470C-BA87-DBD02A18A74B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"74F78C48-030A-48A1-B69E-04C4EA5CCC12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8701A914-774B-4E3B-A651-4A9FD19A187A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"19E40054-C44D-4C4C-B077-0333D8201E5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E2D2F49-32B2-42AA-B99E-7C39403CF104\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACE440F8-EBF5-4DBB-A215-57D770C66219\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A94395D-DDCE-4977-89CA-46F71C3CA2B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkmk:checkmk:2.4.0:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"9513876C-8DF0-4A59-864F-8401BAA43376\"}]}]}],\"references\":[{\"url\":\"https://checkmk.com/werk/18570\",\"source\":\"security@checkmk.com\",\"tags\":[\"Vendor Advisory\",\"Mitigation\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-64996\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-18T21:22:39.861013Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-18T21:22:48.886Z\"}}], \"cna\": {\"title\": \"Overly broad file permissions in the mk_inotify plugin allows reading and manipulating the plugin\u0027s output\", \"impacts\": [{\"capecId\": \"CAPEC-180\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-180: Exploiting Incorrectly Configured Access Control Security Levels\"}]}], \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N\"}}], \"affected\": [{\"vendor\": \"Checkmk GmbH\", \"product\": \"Checkmk\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.4.0\", \"lessThan\": \"2.4.0p16\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"2.3.0\", \"lessThan\": \"2.3.0p41\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"2.2.0\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"2.1.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://checkmk.com/werk/18570\"}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mk_inotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin\u0027s output and manipulate it, potentially leading to unauthorized access to or 
modification of monitoring data.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-732\", \"description\": \"CWE-732: Incorrect Permission Assignment for Critical Resource\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.4.0p16\", \"versionStartIncluding\": \"2.4.0\"}, {\"criteria\": \"cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.3.0p41\", \"versionStartIncluding\": \"2.3.0\"}, {\"criteria\": \"cpe:2.3:a:checkmk:checkmk:2.2.0:*:*:*:*:*:*:*\", \"vulnerable\": true}, {\"criteria\": \"cpe:2.3:a:checkmk:checkmk:2.1.0:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f7d6281c-4801-44ce-ace2-493291dedb0f\", \"shortName\": \"Checkmk\", \"dateUpdated\": \"2025-11-18T15:10:53.398Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-64996\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-18T21:23:15.114Z\", \"dateReserved\": \"2025-11-12T09:16:24.091Z\", \"assignerOrgId\": \"f7d6281c-4801-44ce-ace2-493291dedb0f\", \"datePublished\": \"2025-11-18T15:10:53.398Z\", \"assignerShortName\": \"Checkmk\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.