CVE-2025-62000
Unknown
Unknown - Not Provided
Bypass of BullWall Ransomware Detection via Partial File Encryption
Publication date: 2025-12-18
Last updated on: 2025-12-18
Assigner: Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
Description
Description
BullWall Ransomware Containment does not entirely inspect a file to determine if it is ransomware. An authenticated attacker could bypass detection by encrypting a file and leaving the first four bytes unaltered. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| bullwall | ransomware_containment | 4.6.1.4 |
| bullwall | ransomware_containment | 4.6.0.0 |
| bullwall | ransomware_containment | 4.6.0.6 |
| bullwall | ransomware_containment | 4.6.0.7 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-1023 | The product performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors. |
