Command Execution Vulnerability in OpenCTI by OpenCTI Platform
CVE-2025-24977

9.1 CRITICAL

Key Information:

Status
Vendor
CVE Published: 5 May 2025

Badges

📈 Score: 1,510 · 👾 Exploit Exists

What is CVE-2025-24977?

CVE-2025-24977 is a command execution vulnerability in OpenCTI, an open-source cyber threat intelligence platform for sharing and analysing threat data. Organizations use it to centralize threat information and gain insight into potential risks. The vulnerability affects versions prior to 6.4.11: a user holding the manage customizations capability can execute arbitrary commands on the infrastructure hosting OpenCTI by misusing webhooks, obtaining a root shell inside a container. That level of access exposes internal server secrets and poses a significant security risk to organizations running the platform.

Potential impact of CVE-2025-24977

  1. Unauthorized Command Execution: The core issue allows malicious users to execute arbitrary commands on the server infrastructure, leading to unauthorized access and potential control over critical systems. This vulnerability could enable other malicious activities, including data manipulation or system sabotage.

  2. Exposure of Sensitive Information: By gaining access to server-side secrets, attackers can uncover sensitive information stored on the infrastructure. This can include credentials, confidential data, and other valuable information that can be exploited for further attacks or data breaches.

  3. Increased Attack Surface: The ability to execute commands at a high privilege level within the OpenCTI environment opens the door for attackers to launch additional attacks against other linked systems, thereby compromising the entire network infrastructure and leading to widespread impacts beyond the immediate OpenCTI deployment.


Affected Version(s)

opencti < 6.4.11

References

CVSS V3.1

Score: 9.1
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Changed

Timeline

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved
