CVE-2025-68920
Unknown
Unknown - Not Provided
Arbitrary File Overwrite and Disclosure in C-Kermit Before 10.0 Beta
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: MITRE
Description
Description
C-Kermit (aka ckermit) through 10.0 Beta.12 (aka 416-beta12) before 244644d allows a remote Kermit system to overwrite files on the local system, or retrieve arbitrary files from the local system.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ckermit | ckermit | 10.0_beta.12 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in C-Kermit (ckermit) versions through 10.0 Beta.12 before 244644d allows a remote Kermit system to either overwrite files on the local system or retrieve arbitrary files from the local system without authorization.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized modification or disclosure of files on the affected system. This could result in data loss, data corruption, or exposure of sensitive information, potentially compromising system integrity and confidentiality.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70