CVE-2025-8432

Published: Oct 27, 2025Modified: Oct 30, 2025

8.4

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Exploitability: 1.7 / Impact: 6.0

Source: bd4443e6-1eef-43f3-9886-25fc9ceeaae7 (Secondary)

Description

Incorrect Default Permissions vulnerability in Centreon Infra Monitoring (MBI modules) allows Embedding Scripts within Scripts by CentreonBI user account on the MBI server This issue affects Infra Monitoring: from 24.10.0 before 24.10.6, from 24.04.0 before 24.04.9, from 23.10.0 before 23.10.15.

Related CWEs

CWE-276

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (2)

https://github.com/centreon/centreon/releases

Source: bd4443e6-1eef-43f3-9886-25fc9ceeaae7

https://thewatch.centreon.com/latest-security-bulletins-64/cve-2025-8432-centreon-mbi-high-severity-5180

Source: bd4443e6-1eef-43f3-9886-25fc9ceeaae7

Timeline

No history available yet.