CVE-2025-46066
Privilege Escalation Vulnerability in Automai Director
Publication date: 2026-01-12
Last updated on: 2026-01-12
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| automai | director | to 25.2.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-280 | The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-46066 is a critical privilege escalation vulnerability in Automai Director versions prior to 25.2.0. It allows an authenticated remote attacker to gain superuser privileges within the application. Exploiting this flaw enables the attacker to control connected agents, execute arbitrary commands, and manipulate critical application functions. This can lead to data corruption, unauthorized configuration changes, service disruption, or full compromise of the application's integrity and availability. The vulnerability is due to improper handling of insufficient permissions or privileges. [1]
How can this vulnerability impact me? :
This vulnerability can have severe impacts including complete compromise of the Automai Director application. An attacker who exploits it can gain superuser privileges, control connected agents, execute arbitrary commands, and manipulate critical functions. This can result in data corruption, unauthorized configuration changes, disruption of services, and loss of confidentiality, integrity, and availability of the application. [1]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately update Automai Director to version 25.2.0 or later, as the vendor has fixed the issue in this release. Ensure that only authenticated and authorized users have access to the application, and monitor for any unusual activity that could indicate exploitation attempts. Applying the vendor's patch is the primary and most effective mitigation step. [1]