CVE-2025-13428
BaseFortify
Publication date: 2025-12-09
Last updated on: 2026-02-03
Assigner: GoogleCloud
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| | security_operations_soar | to 6.3.64 (inc) |
| secops | soar_server | 6.3.64 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the SecOps SOAR server's custom integrations feature. An authenticated user with an "IDE role" can exploit weak validation of uploaded Python package code to achieve Remote Code Execution (RCE). Specifically, an attacker can upload a malicious Python package containing a setup.py file that executes code on the server during installation, potentially compromising the server.
How can this vulnerability impact me?
The vulnerability can lead to a complete compromise of the SecOps SOAR server. An attacker with the appropriate role can execute arbitrary code remotely, which may result in unauthorized access, data theft, disruption of services, or further attacks within the network.
What immediate steps should I take to mitigate this vulnerability?
No customer action is required as all customers have been automatically upgraded to the fixed version 6.3.64 or higher.