Improper Privilege Management in AlgoSec Firewall Analyzer for Linux
CVE-2025-12381

6.1 MEDIUM

Key Information:

Vendor: AlgoSec
CVE Published: 9 December 2025

What is CVE-2025-12381?

A vulnerability in AlgoSec Firewall Analyzer for Linux allows local users to escalate privileges by exploiting improperly managed parameters of commands listed in the sudoers file. This issue affects specific versions of the Firewall Analyzer, enabling attackers with local access to gain elevated permissions, potentially compromising the security of the system.

Affected Version(s)

Firewall Analyzer Linux A33.0 (up to build 320)

Firewall Analyzer Linux A33.10 (up to build 220)

CVSS V4

Score: 6.1
Severity: MEDIUM
Confidentiality: Low
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Charlie Lindholm