CVE-2025-0914 — LOW (3.8) — White Hats Nepal

Q: How severe is CVE-2025-0914?

CVE-2025-0914 has been rated LOW with a CVSS base score of 3.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-0914?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.

Vulnerability Description

An improper access control issue in the VQL shell feature in Velociraptor Versions < 0.73.4 allowed authenticated users to execute the execve() plugin in deployments where this was explicitly forbidden by configuring the prevent_execve flag in the configuration file. This setting is not usually recommended and is uncommonly used, so this issue will only affect users who do set it. This issue is fixed in release 0.73.4.

CVSS Score

3.8

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Related Weaknesses (CWE)

CWE-281

References

https://docs.velociraptor.app/announcements/advisories/cve-2025-0914/

FAQ

What is CVE-2025-0914?

CVE-2025-0914 is a vulnerability with a CVSS score of 3.8 (LOW). An improper access control issue in the VQL shell feature in Velociraptor Versions < 0.73.4 allowed authenticated users to execute the execve() plugin in deployments where this was explicitly forbidde...

How severe is CVE-2025-0914?

CVE-2025-0914 has been rated LOW with a CVSS base score of 3.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-0914?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.