CVE-2025-45311

Published: Nov 26, 2025Modified: Dec 3, 2025

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Insecure permissions in fail2ban-client v0.11.2 allows attackers with limited sudo privileges to perform arbitrary operations as root. NOTE: this is disputed by multiple parties because the action for a triggered rule can legitimately be an arbitrary operation as root. Thus, the software is behaving in accordance with its intended privilege model.

Related CWEs

CWE-266

Incorrect Privilege Assignment

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

References (4)

https://gist.github.com/R-Security/1c707a08f9c7f9a91d9d84b5010aaed2

Source: cve@mitre.org

https://github.com/fail2ban/fail2ban/issues/4110

Source: cve@mitre.org

https://packetstorm.news/files/id/189989

Source: cve@mitre.org

http://www.openwall.com/lists/oss-security/2025/12/03/2

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.