CVE-2025-27364

CVSS 3.1 Score 10 of 10 (high)

Details

Published Feb 24, 2025

CWE ID 78

Summary

CVE-2025-27364 is a Remote Code Execution (RCE) vulnerability affecting MITRE Caldera versions 4.2.0 and 5.0.0 up to 35bc06e. The issue lies in the dynamic agent (implant) compilation functionality of the server. A crafted web request can exploit this vulnerability by manipulating the Caldera server API used for compiling and downloading of Caldera's Sandcat or Manx agent (implants). The attacker can leverage the gcc -extldflags linker flag with sub-commands to execute arbitrary code on the server where Caldera is installed.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3ms5un
https://www.cve.org/CVERecord?id=CVE-2025-27364
https://nvd.nist.gov/vuln/detail/CVE-2025-27364

Back to Vulnerability Database

CVE-2025-27364

CVSS 3.1 Score 10 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations