CVE-2025-6723
Insecure Named Pipe Permissions in Chef InSpec Allow Privilege Escalation
Publication date: 2026-01-30
Last updated on: 2026-03-11
Assigner: Progress Software Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| chef | inspec | to 5.23 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
| CWE-269 | The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
Chef InSpec up to version 5.23 creates named pipes on Windows with overly permissive access controls. This allows a local attacker to interfere with the pipe connection process and exploit these weak permissions to assume the InSpec execution context, potentially leading to elevated privileges or disruption of operations.
How can this vulnerability impact me? :
This vulnerability can allow a local attacker to gain elevated privileges by exploiting the insufficient access restrictions on named pipes, which may result in unauthorized actions or operational disruptions within the affected system.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, upgrade Chef InSpec to a version later than 5.23 where the issue with overly permissive named pipe access controls is resolved. Additionally, restrict local user permissions to prevent unauthorized access to named pipes until the upgrade is applied.