Skip to main content

Red Hat CVE-2025-7493

CRITICAL
Insufficient Granularity of Access Control (CWE-1220)
2025-09-30 secalert@redhat.com
Privilege Escalation Information Disclosure Red Hat Canonical Suse
9.1
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Patch released
Apr 09, 2026 - 08:30 nvd
Patch available
Analysis Generated
Mar 28, 2026 - 19:15 vuln.today
CVE Published
Sep 30, 2025 - 15:15 nvd
CRITICAL 9.1

DescriptionNVD

A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM credential, FreeIPA still does not validate the root@REALM canonical name, which can also be used as the realm administrator's name. This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration.

AnalysisAI

A privilege escalation flaw from host to domain administrator was found in FreeIPA. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-1220. A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM credential, FreeIPA still does not validate the root@REALM canonical name, which can also be used as the realm administrator's name. This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration.

Affected ProductsAI

FreeIPA. This vulnerability.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More from same product – last 7 days

CVE-2026-49238 HIGH
8.4 May 28

Virtual machine escape in Canonical Multipass before 1.16.3 allows a root user inside a guest VM to read arbitrary files
CVE-2026-9277 HIGH
8.1 May 22

Command injection in the shell-quote npm package allows attackers who can influence object-token inputs to inject arbitr
CVE-2026-9256 HIGH
8.1 May 22

Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers
CVE-2026-49237 HIGH
7.8 May 28

Local privilege escalation in Canonical Multipass for macOS before 1.16.3 allows a low-privileged local user to obtain r
CVE-2026-42790 HIGH
7.6 May 27

TLS server impersonation in Erlang/OTP's public_key library lets a name-constrained subordinate CA forge a trusted ident

Vendor StatusVendor

Share

CVE-2025-7493 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy