1. Home
  2. CVE Database
  3. CVE-2025-6723
NONE · 0

CVE-2025-6723

Chef InSpec versions up to 5.23 and before 7.0.107 creates named pipes with overly permissive default Windows access controls. A local attacker may interfere with the pipe connection process and explo...

Vulnerability Description

Chef InSpec versions up to 5.23 and before 7.0.107 creates named pipes with overly permissive default Windows access controls. A local attacker may interfere with the pipe connection process and exploit the insufficient access restrictions to assume the InSpec execution context, potentially resulting in elevated privileges or operational disruption. This issue affects Chef Inspec: through 5.23 and before 7.0.107

Related Weaknesses (CWE)

CWE-287CWE-269

References

FAQ

What is CVE-2025-6723?

CVE-2025-6723 is a documented vulnerability. Chef InSpec versions up to 5.23 and before 7.0.107 creates named pipes with overly permissive default Windows access controls. A local attacker may interfere with the pipe connection process and explo...

How severe is CVE-2025-6723?

CVSS scoring is not yet available for CVE-2025-6723. Check NVD for updates.

Is there a patch for CVE-2025-6723?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.