What is the CVSS score of CVE-2025-41761?

CVE-2025-41761 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of SSH are affected by CVE-2025-41761?

CVE-2025-41761 allows attackers who compromise the UBR service account to escalate privileges and gain complete system control.

How to fix or mitigate CVE-2025-41761?

Within 24 hours: Audit all systems running the UBR service and document current privilege escalation permissions; immediately restrict sudo access for the UBR service account to only essential binaries and remove tcpdump and ip from the sudoers configuration. Within 7 days: Implement enhanced monitoring and alerting for UBR service account activity, particularly sudo command execution; conduct a forensic review of logs for suspicious UBR account usage. Within 30 days: Develop and test an isolation strategy for the UBR service account using mandatory access controls (MAC); establish a vendor communication plan to track patch availability and prepare deployment procedures.

SSH CVE-2025-41761

HIGH

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') (CWE-88)

2026-03-09 info@cert.vde.com

Privilege Escalation SSH Universal Bacnet Router Firmware

7.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:56 vuln.today

CVE Published

Mar 09, 2026 - 09:16 nvd

HIGH 7.8

DescriptionNVD

A low‑privileged local attacker who gains access to the UBR service account (e.g., via SSH) can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries (e.g., tcpdump and ip) with sudo.

AnalysisAI

Technical ContextAI

Affects Universal Bacnet Router Firmware. A low‑privileged local attacker who gains access to the UBR service account (e.g., via SSH) can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries (e.g., tcpdump and ip) with sudo.

RemediationAI

Monitor vendor advisories for a patch.

CVE-2025-41761 vulnerability details – vuln.today

Back

SSH CVE-2025-41761

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code