CVE-2025-64343
BaseFortify

Publication date: 2025-11-07

Last updated on: 2025-11-12

Assigner: GitHub, Inc.

Description
(conda) Constructor is a tool that enables users to create installers for conda package collections. In versions 3.12.2 and below, the installation directory inherits permissions from its parent directory. Outside of restricted directories, the permissions are very permissive and often allow write access by authenticated users. Any logged in user can make modifications during the installation for both single-user and all-user installations. This constitutes a local attack vector if the installation is in a directory local users have access to. For single-user installations in a shared directory, these permissions persist after the installation. This issue is fixed in version 3.13.0.
Meta Information
Published: 2025-11-07
Last Modified: 2025-11-12
Generated: 2026-05-07
AI Q&A: 2025-11-07
EPSS Evaluated: 2026-05-05
External references: NVD, EUVD
Affected Vendors & Products (2 associated CPEs)
Vendor   Product       Version / Range
conda    constructor   3.12.2
conda    constructor   3.13.0
CWE
CWE-289: The product performs authentication based on the name of a resource being accessed, or the name of the actor performing the access, but it does not properly check all possible names for that resource or actor.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in conda Constructor versions 3.12.2 and below, where the installation directory inherits permissions from its parent directory. If the parent directory is not restricted, the permissions can be very permissive, allowing any authenticated user to write to the installation directory. This means that any logged-in user can modify the installation during setup for both single-user and all-user installations, creating a local attack vector. For single-user installations in shared directories, these permissive permissions remain after installation. The issue is fixed in version 3.13.0.

How can this vulnerability impact me?

This vulnerability can allow any authenticated local user to modify the installation files of conda Constructor, potentially leading to unauthorized changes, privilege escalation, or the introduction of malicious code. Because the installation directory permissions are too permissive, attackers with local access can exploit this to compromise the integrity, confidentiality, and availability of the system or software installed.

What immediate steps should I take to mitigate this vulnerability?

Upgrade conda Constructor to version 3.13.0 or later, where this issue is fixed. Additionally, avoid installing conda Constructor in directories that are accessible or writable by other local users to prevent unauthorized modifications during installation.
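The mitigation answer above says to keep the installation out of directories other local users can write to. The following script is an added example, not part of this CVE record and not code from the constructor project: it audits an existing installation prefix (and the parent directory a new install would be created in) for group- or world-writable entries and can clear those bits. It assumes a POSIX file system where the st_mode bits are authoritative (ACLs and Windows DACLs are not inspected); the default prefix `~/miniconda3` and the fixture built by `build_constructed_fixture` are constructed for illustration.

```python
"""Audit a conda install prefix for write access by users other than the owner.

Added example for CVE-2025-64343; not the constructor project's own code.
Assumes POSIX mode bits are authoritative (ACLs are not inspected).
"""
import os
import stat
import tempfile
from pathlib import Path

# Mode bits that grant write access to the group or to everyone.
SHARED_WRITE = stat.S_IWGRP | stat.S_IWOTH


def shared_writable(mode: int) -> bool:
    """True if this st_mode lets users other than the owner write."""
    return bool(mode & SHARED_WRITE)


def audit_install_dir(prefix):
    """Return [(path, 'drwxrwxrwx'-style mode)] for every entry under prefix
    (prefix included) that is group- or world-writable.

    Sticky directories are still reported: the sticky bit stops other users
    deleting files they do not own, but not creating new ones.
    """
    root = Path(prefix)
    findings = []
    for path in [root, *root.rglob("*")]:
        try:
            mode = path.lstat().st_mode
        except OSError:
            continue  # vanished or unreadable entry; skip rather than abort
        if stat.S_ISLNK(mode):
            continue  # symlink mode bits are not meaningful
        if shared_writable(mode):
            findings.append((str(path), stat.filemode(mode)))
    return findings


def harden_install_dir(prefix):
    """Clear group/other write bits on every flagged entry; return the count."""
    changed = 0
    for path_str, _ in audit_install_dir(prefix):
        mode = os.lstat(path_str).st_mode
        os.chmod(path_str, stat.S_IMODE(mode) & ~SHARED_WRITE)
        changed += 1
    return changed


def parent_is_shared_writable(prefix):
    """Check the directory a new prefix would be created in.  The advisory
    says the install directory inherits its parent's permissions in
    constructor <= 3.12.2, so a loose parent means a loose install."""
    parent = Path(prefix).resolve().parent
    return shared_writable(parent.stat().st_mode)


def build_constructed_fixture():
    """Constructed sample tree: a world-writable prefix, a group-writable
    bin/ directory and an owner-only-writable file inside it."""
    root = tempfile.mkdtemp(prefix="cve-2025-64343-demo-")
    sub = os.path.join(root, "bin")
    os.mkdir(sub)
    exe = os.path.join(sub, "conda")
    open(exe, "w").close()
    os.chmod(root, 0o777)
    os.chmod(sub, 0o775)
    os.chmod(exe, 0o755)
    return root, sub, exe


if __name__ == "__main__":
    import sys
    # Hypothetical default prefix; pass a real one as the first argument.
    target = sys.argv[1] if len(sys.argv) > 1 else os.path.expanduser("~/miniconda3")
    if os.path.isdir(target):
        for path_str, mode in audit_install_dir(target):
            print(f"{mode} {path_str}")
    print("parent shared-writable:", parent_is_shared_writable(target))
```

Run it against an installed prefix to list every entry other local users could modify, then `harden_install_dir` removes those write bits; `parent_is_shared_writable` is the pre-install check for the case the advisory describes, where the new directory would be created under a shared location.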