CVE-2025-12381
Severity: HIGH
WAF Coverage: Low
CVSS: 7.8
Published: 2025-12-09
CWE-269
An Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on 64-bit Linux allows privilege escalation and parameter injection. A local user with command-line access may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file. This issue affects Firewall Analyzer versions A33.0 and A33.10.
WAF Coverage Analysis
Improper Privilege Management: Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| algosec | firewall_analyzer | a33.0 |
| algosec | firewall_analyzer | a33.10 |
References
- techdocs.algosec.com (Vendor Advisory)