MITRE Caldera security advisory warns of maximum severity flaw
Briefly

A security advisory has been issued for MITRE Caldera due to a critical Remote Code Execution vulnerability (CVE-2025-27364) found in the server's dynamic compilation process. This flaw, affecting the Manx and Sandcat agents, allows malicious actors to execute arbitrary code on the server, which could lead to broader compromises across an organization's systems. Experts emphasize the urgency for organizations to patch this vulnerability immediately and assess any potential breaches, as the risks associated with such software are significant for business security.
If Caldera or any other organization-wide security tool were compromised, the attacker would be in a position to compromise additional systems throughout the organization.
The remote code execution vulnerability exists because Caldera's agent compilation process does not sufficiently enforce security restrictions or sanitize input.
Read at Securitymagazine