CVE-2025-55013
BaseFortify
Publication date: 2025-08-09
Last updated on: 2025-08-12
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cybercentrecanada | assemblyline_service_client | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-23 | The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Assemblyline 4 Service Client versions below 4.6.1.dev138. The client accepts a SHA-256 value from the service server and uses it directly as a local file name. A malicious or compromised server, or a man-in-the-middle attacker, can exploit this by sending a path-traversal payload (e.g., '../../../etc/cron.d/evil'), causing the client to write downloaded data to arbitrary locations on the disk.
How can this vulnerability impact me? :
This vulnerability can allow an attacker to write files to arbitrary locations on the affected system, potentially overwriting critical files or placing malicious files that could be executed. This can lead to high impact on integrity and availability, such as unauthorized code execution or system disruption.
What immediate steps should I take to mitigate this vulnerability?
Upgrade the Assemblyline 4 Service Client to version 4.6.1.dev138 or later, as this version contains the fix for the path traversal vulnerability.