
Red Hat Fuse 7 EUVD-2025-208627

CVE-2025-57849 MEDIUM
Incorrect Default Permissions (CWE-276)
2026-03-13 redhat
6.4
CVSS 3.1 · NVD

Severity by source

NVD (primary): 6.4 MEDIUM, AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Red Hat: 6.4 MEDIUM (qualitative)

Primary rating from NVD.

CVSS Vector (NVD)

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: High
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

EUVD ID Assigned: Mar 13, 2026 - 07:58 (euvd), EUVD-2025-208627
Analysis Generated: Mar 13, 2026 - 07:58 (vuln.today)
CVE Published: Mar 13, 2026 - 03:08 (nvd), MEDIUM 6.4

Description (CVE.org)

A container privilege escalation flaw was found in certain Fuse images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.
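
A check for the condition described above, as an added example that is not part of the original record or of Red Hat's tooling: it audits an unpacked image root filesystem for account files that a process in the root group (GID 0) or any user could rewrite. The names `writable_by` and `audit_rootfs`, and the inclusion of files other than /etc/passwd, are assumptions of this example.

```python
import os
import stat

# Account databases an unprivileged process must not be able to rewrite.
# Only /etc/passwd is named in the advisory; the others are added here.
ACCOUNT_FILES = ("etc/passwd", "etc/group", "etc/shadow")

def writable_by(mode, file_gid, process_gids=(0,)):
    """Return why a non-owner process holding process_gids can write the file."""
    reasons = []
    if mode & stat.S_IWGRP and file_gid in process_gids:
        reasons.append("group-writable (gid %d)" % file_gid)
    if mode & stat.S_IWOTH:
        reasons.append("world-writable")
    return reasons

def audit_rootfs(rootfs, process_gids=(0,)):
    """Map each risky account file under rootfs to (octal mode, reasons)."""
    findings = {}
    for rel in ACCOUNT_FILES:
        path = os.path.join(rootfs, rel)
        try:
            st = os.lstat(path)  # lstat: never follow links out of rootfs
        except FileNotFoundError:
            continue
        if not stat.S_ISREG(st.st_mode):
            continue  # symlinks and special files are skipped, not followed
        reasons = writable_by(st.st_mode, st.st_gid, process_gids)
        if reasons:
            findings["/" + rel] = (oct(stat.S_IMODE(st.st_mode)), reasons)
    return findings

if __name__ == "__main__":
    import sys
    rootfs = sys.argv[1] if len(sys.argv) > 1 else "/"
    report = audit_rootfs(rootfs)
    for name, (mode, reasons) in sorted(report.items()):
        print("%s mode=%s: %s" % (name, mode, ", ".join(reasons)))
    sys.exit(1 if report else 0)  # non-zero exit lets a build pipeline fail
```

Run it against a directory holding the extracted image layers, or with no argument inside a running container to inspect `/`.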

Analysis (AI)

Medium severity vulnerability in systemd. A container privilege escalation flaw was found in certain Fuse images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the a...

Technical Context (AI)

Vulnerability Type: Incorrect Default Permissions (CWE-276)
CVSS 3.1: 6.4/10.0 (Attack Vector: Local | Complexity: High | Privileges Required: High | User Interaction: None)
Attack Techniques: Privilege Escalation
Source: redhat

Remediation (AI)

Monitor Red Hat for patches and updates. Reference: https://access.redhat.com/security/cve/CVE-2025-57849

Vendor Status (Vendor)
