fkie_cve-2025-23209
Vulnerability from fkie_nvd
Published
2025-01-18 01:15
Modified
2025-02-21 14:48
Severity ?
8.0 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. This is an remote code execution (RCE) vulnerability that affects Craft 4 and 5 installs where your security key has already been compromised. Anyone running an unpatched version of Craft with a compromised security key is affected. This vulnerability has been patched in Craft 5.5.8 and 4.13.8. Users who cannot update to a patched version, should rotate their security keys and ensure their privacy to help migitgate the issue.
References
security-advisories@github.comhttps://craftcms.com/knowledge-base/securing-craft#keep-your-secrets-secretProduct
security-advisories@github.comhttps://github.com/craftcms/cms/commit/e59e22b30c9dd39e5e2c7fe02c147bcbd004e603Patch
security-advisories@github.comhttps://github.com/craftcms/cms/security/advisories/GHSA-x684-96hh-833xVendor Advisory
Impacted products
Vendor Product Version
craftcms craft_cms *
craftcms craft_cms *
craftcms craft_cms 4.0.0
craftcms craft_cms 4.0.0
craftcms craft_cms 4.0.0
craftcms craft_cms 4.0.0
craftcms craft_cms 5.0.0
craftcms craft_cms 5.0.0


To clipboard 

{
  "cisaActionDue": "2025-03-13",
  "cisaExploitAdd": "2025-02-20",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Craft CMS Code Injection Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A969ACE2-4C09-452A-B9BD-113CA9A4FF30",
              "versionEndExcluding": "4.13.8",
              "versionStartExcluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DBFB276-7508-492E-ACBA-A229E869A831",
              "versionEndExcluding": "5.5.8",
              "versionStartExcluding": "5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:craftcms:craft_cms:4.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "610F6DE9-720F-45B3-81D5-18E7F6B090FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:craftcms:craft_cms:4.0.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "CC2F40FC-7C27-456A-B16D-679410D1D5CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:craftcms:craft_cms:4.0.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "FBAA8227-04F8-404C-907B-B0162B325F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:craftcms:craft_cms:4.0.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "21B28E2C-327A-4CE6-ACAD-97E459712A55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:craftcms:craft_cms:5.0.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "1C7461CF-35AB-48E1-88B6-956DAE1D2AB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:craftcms:craft_cms:5.0.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "8D8E02D1-601A-4E2B-B619-4775BFDB72D0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. This is an remote code execution (RCE) vulnerability that affects Craft 4 and 5 installs where your security key has already been compromised. Anyone running an unpatched version of Craft with a compromised security key is affected. This vulnerability has been patched in Craft 5.5.8 and 4.13.8. Users who cannot update to a patched version, should rotate their security keys and ensure their privacy to help migitgate the issue."
    },
    {
      "lang": "es",
      "value": "Craft es un CMS flexible y f\u00e1cil de usar para crear experiencias digitales personalizadas en la web y m\u00e1s all\u00e1. Esta es una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE) que afecta a las instalaciones de Craft 4 y 5 en las que su clave de seguridad ya se ha visto comprometida. Cualquiera que ejecute una versi\u00f3n sin parches de Craft con una clave de seguridad comprometida se ve afectado. Esta vulnerabilidad se ha corregido en Craft 5.5.8 y 4.13.8. Los usuarios que no puedan actualizar a una versi\u00f3n parcheada deben rotar sus claves de seguridad y garantizar su privacidad para ayudar a mitigar el problema."
    }
  ],
  "id": "CVE-2025-23209",
  "lastModified": "2025-02-21T14:48:55.367",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 6.0,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-01-18T01:15:07.633",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Product"
      ],
      "url": "https://craftcms.com/knowledge-base/securing-craft#keep-your-secrets-secret"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/craftcms/cms/commit/e59e22b30c9dd39e5e2c7fe02c147bcbd004e603"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/craftcms/cms/security/advisories/GHSA-x684-96hh-833x"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.