CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2025-32803 – Insecure file permissions can result in confidential information leakage
https://notcve.org/view.php?id=CVE-2025-32803
28 May 2025 — In some cases, Kea log files or lease files may be world-readable. This issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8. A vulnerability was found in the Kea package, where an attacker with access to a local unprivileged user may be able to read the logs and DHCP lease information. This can be used to retrieve sensitive information about the DHCP clients and about the Kea process itself. In some cases, Kea log files or lease files may be world-readable. This issu... • https://kb.isc.org/docs/cve-2025-32803 • CWE-276: Incorrect Default Permissions CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-32802 – Insecure handling of file paths allows multiple local attacks
https://notcve.org/view.php?id=CVE-2025-32802
28 May 2025 — Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8. A vulnerability was found in the Kea package. If an attacker has access to a local user account and the Kea API entry points are not secured, the atta... • https://kb.isc.org/docs/cve-2025-32802 • CWE-73: External Control of File Name or Path CWE-250: Execution with Unnecessary Privileges CWE-379: Creation of Temporary File in Directory with Insecure Permissions •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-32801 – Loading a malicious hook library can lead to local privilege escalation
https://notcve.org/view.php?id=CVE-2025-32801
28 May 2025 — Kea configuration and API directives can be used to load a malicious hook library. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8. A flaw was found in the Kea package, where an unprivileged user can instruct Kea to load a hook library from any arbitrary local file. This hook can then be executed using the same priv... • https://kb.isc.org/docs/cve-2025-32801 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-267: Privilege Defined With Unsafe Actions •