VDB
CVE-2025-27364
CVE-2025-27364
PUBLISHED
CVSS 10 CRITICAL
In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution (RCE) vulnerability was found in the dynamic agent (implant) compilation functionality of the server. This allows remote attackers to execute arbitrary code on the server that Caldera is running on via a crafted web request to the Caldera server API used for compiling and downloading of Caldera's Sandcat or Manx agent (implants). This web request can use the gcc -extldflags linker flag with sub-commands.
EPSS 26.34% · 96.4th percentile
Risk Scores
CVSS 3.1
10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score
26.34%
96.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| MITRE | Caldera | 0, 5.0.0 |
| mitre | caldera | 5.0.0 |
Timeline
- Jan 21, 1970 Fix PR Merged
- Jan 21, 1970 Fix PR Merged
- Feb 24, 2025 CVE Published
- Feb 24, 2025 CVE Updated
- Feb 24, 2025 PoC Published
- Feb 24, 2025 PoC Published
- Feb 24, 2025 PoC Published
- Feb 24, 2025 PoC Published
- Feb 24, 2025 PoC Published
- Feb 25, 2025 PoC Published
- Feb 25, 2025 PoC Published
- Feb 25, 2025 PoC Published
References
- https://github.com/mitre/caldera/releases url
- https://github.com/mitre/caldera/security url
- https://medium.com/@mitrecaldera/mitre-caldera-security-advisory-remote-code-execution-cve-2025-27364-5f679e2e2a0e url
- https://github.com/mitre/caldera/commit/35bc06e42e19fe7efbc008999b9f993b1b7109c0 url
- https://github.com/mitre/caldera/pull/3131/commits/61de40f92a595bed462372a5e676c2e5a32d1050 url
- https://github.com/mitre/caldera/pull/3129 url
- https://nvd.nist.gov/vuln/detail/CVE-2025-27364 advisory