{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-58713", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2025-09-03T15:20:52.037Z", "datePublished": "2026-04-08T13:55:11.428Z", "dateUpdated": "2026-04-08T14:28:41.733Z"}, "containers": {"cna": {"title": "Rhpam: privilege escalation via excessive /etc/passwd permissions", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A container privilege escalation flaw was found in certain Red Hat Process Automation Manager images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat Process Automation 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhpam-businesscentral-monitoring-rhel8", "defaultStatus": "unknown", "cpes": ["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"]}, {"vendor": "Red Hat", "product": "Red Hat Process Automation 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhpam-businesscentral-rhel8", "defaultStatus": "unknown", "cpes": ["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"]}, {"vendor": "Red Hat", "product": "Red Hat Process Automation 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhpam-controller-rhel8", "defaultStatus": "unknown", "cpes": ["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"]}, {"vendor": "Red Hat", "product": "Red Hat Process Automation 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhpam-dashbuilder-rhel8", "defaultStatus": "unknown", "cpes": ["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"]}, {"vendor": "Red Hat", "product": "Red Hat Process Automation 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhpam-kieserver-rhel8", "defaultStatus": "unknown", "cpes": ["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"]}, {"vendor": "Red Hat", "product": "Red Hat Process Automation 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhpam-process-migration-rhel8", "defaultStatus": "unknown", "cpes": ["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"]}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-58713", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394419", "name": "RHBZ#2394419", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "datePublic": "2026-04-08T13:44:47.211Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-276", "description": "Incorrect Default Permissions", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-276: Incorrect Default Permissions", "timeline": [{"lang": "en", "time": "2025-09-10T17:32:17.181Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2026-04-08T13:44:47.211Z", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-04-08T13:55:11.428Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-08T14:28:06.782039Z", "id": "CVE-2025-58713", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-08T14:28:41.733Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-58713", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-08T14:28:06.782039Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-08T14:28:37.875Z"}}], "cna": {"title": "Rhpam: privilege escalation via excessive /etc/passwd permissions", "credits": [{"lang": "en", "value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."}], "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": ["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"], "vendor": "Red Hat", "product": "Red Hat Process Automation 7", "packageName": "rhpam-businesscentral-monitoring-rhel8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"], "vendor": "Red Hat", "product": "Red Hat Process Automation 7", "packageName": "rhpam-businesscentral-rhel8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"], "vendor": "Red Hat", "product": "Red Hat Process Automation 7", "packageName": "rhpam-controller-rhel8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"], "vendor": "Red Hat", "product": "Red Hat Process Automation 7", "packageName": "rhpam-dashbuilder-rhel8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"], "vendor": "Red Hat", "product": "Red Hat Process Automation 7", "packageName": "rhpam-kieserver-rhel8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"], "vendor": "Red Hat", "product": "Red Hat Process Automation 7", "packageName": "rhpam-process-migration-rhel8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}], "timeline": [{"lang": "en", "time": "2025-09-10T17:32:17.181Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2026-04-08T13:44:47.211Z", "value": "Made public."}], "datePublic": "2026-04-08T13:44:47.211Z", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-58713", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394419", "name": "RHBZ#2394419", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "A container privilege escalation flaw was found in certain Red Hat Process Automation Manager images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-276", "description": "Incorrect Default Permissions"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-04-08T13:55:11.428Z"}, "x_redhatCweChain": "CWE-276: Incorrect Default Permissions"}}, "cveMetadata": {"cveId": "CVE-2025-58713", "state": "PUBLISHED", "dateUpdated": "2026-04-08T14:28:41.733Z", "dateReserved": "2025-09-03T15:20:52.037Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2026-04-08T13:55:11.428Z", "assignerShortName": "redhat"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A container privilege escalation flaw was found in certain Red Hat Process Automation Manager images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container."}], "id": "CVE-2025-58713", "lastModified": "2026-04-08T21:26:13.410", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 5.9, "source": "secalert@redhat.com", "type": "Primary"}]}, "published": "2026-04-08T14:16:26.433", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/security/cve/CVE-2025-58713"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394419"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "secalert@redhat.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-08T15:20:23.148813+00:00", "value": {"mitigation_remediation": ["Upgrade to a fixed version of the Red\u00a0Hat\u00a0Process\u00a0Automation\u00a0Manager container image from Red\u00a0Hat.", "Ensure the container runs under the least privilege model and that no non\u2011root user has joinable membership in the root group.", "Verify that the /etc/passwd file inside the container has permissions set to 644 and is not group writable.", "Apply any vendor patches or updates as soon as they become available.", "Implement runtime container security controls, such as seccomp and SELinux policies, to restrict file write operations.", "Monitor container logs for unauthorized modifications to /etc/passwd or other critical configuration files."], "summary": {"action": "Apply Patch", "impact": "Container Privilege Escalation to Root"}, "threat_synthesis": {"affected_systems": "The flaw affects Red Hat Process Automation Manager 7 container images (Red\u00a0Hat\u00a0Process\u00a0Automation\u00a07). Specific patch or version numbers are not provided in the advisory. All images built from the affected factory that include the vulnerable /etc/passwd permissions are impacted.", "description_and_impact": "The vulnerability arises because the /etc/passwd file is built with group\u2011writable permissions in Red Hat Process Automation Manager container images. An attacker who can run commands inside the container, even as a non\u2011root user, can take advantage of membership in the root group to modify this file. By adding a user entry with any arbitrary UID\u2014including UID 0\u2014the attacker gains full root privileges within the container. This is a classic privilege escalation flaw identified as CWE\u2011276.", "risk_and_exploitability": "The CVSS score is 6.4, indicating a moderate severity. No EPSS score is available and the vulnerability is not listed in the CISA KEV catalog. Exploitability requires the attacker to already execute code inside the container, which is a significant but not trivial prerequisite. Once inside, the elevated privileges can be achieved with minimal effort, making the exploit highly valuable if the initial access is gained."}}}}, "created": "2026-04-08T19:39:25.088393+00:00", "updated": "2026-04-08T19:39:25.088427+00:00", "vendors": []}