CVE-2025-62002
Bypass of Ransomware Detection in BullWall via Single Large File Encryption
Publication date: 2025-12-18
Last updated on: 2025-12-18
Assigner: Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| bullwall | ransomware_containment | 4.6.1.4 |
| bullwall | ransomware_containment | 4.6.0.0 |
| bullwall | ransomware_containment | 4.6.0.6 |
| bullwall | ransomware_containment | 4.6.0.7 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-358 | The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects BullWall Ransomware Containment, which detects ransomware based on the number of file modifications. An authenticated attacker can exploit this by encrypting a single large file without triggering the detection alert, bypassing the ransomware containment mechanism.
How can this vulnerability impact me? :
The vulnerability allows an authenticated attacker to encrypt a large file without detection, potentially enabling ransomware activity to go unnoticed. This could lead to data integrity issues and possible data loss or operational disruption.