CVE-2025-9822
BaseFortify
Publication date: 2025-09-03
Last updated on: 2025-09-04
Assigner: Mautic
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mautic | mautic | 4.4.17 |
| mautic | mautic | 6.0.0-alpha |
| mautic | mautic | 4.4.0 |
| mautic | mautic | 6.0.5 |
| mautic | mautic | 5.2.8 |
| mautic | mautic | 5.0.0-alpha |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-283 | The product does not properly verify that a critical resource is owned by the proper entity. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-9822 is a moderate severity vulnerability in the Mautic application affecting certain versions. It occurs due to improper verification of resource ownership in the elfinder component. An attacker with administrator privileges can exploit this flaw to change the application's configuration and extract sensitive secrets, such as database credentials, which are normally not accessible even to administrators. [1]
How can this vulnerability impact me? :
This vulnerability allows an attacker with administrator rights to disclose sensitive information like database credentials that should normally be protected. This can lead to unauthorized access to critical data, potentially compromising confidentiality. The impact on integrity is low and there is no impact on availability. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability affects Mautic application versions 4.4.0 to before 4.4.17, 5.0.0-alpha to before 5.2.8, and 6.0.0-alpha to before 6.0.5. Detection involves identifying if your Mautic installation is running one of these vulnerable versions. You can check the Mautic version by running the command: `php /path/to/mautic/bin/console mautic:version` or by inspecting the version information in the application interface. Additionally, monitoring for unusual configuration changes or unauthorized access attempts by administrator accounts could indicate exploitation attempts. There are no specific network commands provided to detect exploitation of this vulnerability. [1]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately upgrade your Mautic application to a patched version: 4.4.17 or later for the 4.4.x branch, 5.2.8 or later for the 5.x branch, or 6.0.5 or later for the 6.x branch. Restrict administrator privileges to trusted users only, as exploitation requires administrator rights. Monitor and audit administrator activities for suspicious behavior. Applying these updates will fix the improper verification of resource ownership in the elfinder component and prevent unauthorized configuration changes and secret extraction. [1]