CVE-2025-27027
Awaiting Analysis
BaseFortify

Publication date: 2025-07-09

Last updated on: 2025-07-10

Assigner: ENISA

Description
A user with vpuser credentials who opens an SSH connection to the device gets a restricted shell (rbash) that allows only a small list of commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions.
Meta Information
Published: 2025-07-09
Last Modified: 2025-07-10
Generated: 2026-05-07
AI Q&A: 2025-07-09
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Currently, no data is known.
CWE ID: CWE-653
Description: The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves an evasion of the restricted shell (rbash) in Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20). A user with vpuser credentials who connects via SSH is supposed to be limited to a restricted shell that only allows a small set of commands. However, this vulnerability allows that user to bypass these restrictions and gain access to a full-featured Linux shell.


How can this vulnerability impact me?

The vulnerability allows a user with vpuser credentials to escape the restricted shell environment and gain a full-featured Linux shell. This could potentially allow the user to execute commands beyond the intended limited set, increasing the risk of unauthorized actions or system misuse within the device.

