CVE-2025-62000
Bypass of BullWall Ransomware Detection via Partial File Encryption
Publication date: 2025-12-18
Last updated on: 2025-12-18
Assigner: Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| bullwall | ransomware_containment | 4.6.1.4 |
| bullwall | ransomware_containment | 4.6.0.0 |
| bullwall | ransomware_containment | 4.6.0.6 |
| bullwall | ransomware_containment | 4.6.0.7 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1023 | The product performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in BullWall Ransomware Containment occurs because the software does not fully inspect files to determine if they are ransomware. An authenticated attacker can bypass detection by encrypting a file but leaving the first four bytes unchanged, allowing the ransomware to go undetected.
How can this vulnerability impact me? :
This vulnerability can allow an authenticated attacker to bypass ransomware detection, potentially leading to successful ransomware attacks that encrypt files without being detected. This can result in data loss, operational disruption, and increased risk to system security.