Filesystem Vulnerability in Oracle Solaris by Oracle Systems
CVE-2025-30690

7.2HIGH

Key Information:

Vendor: Oracle
Status: Oracle Solaris
Vendor: CVE Published:; 15 April 2025

What is CVE-2025-30690?

A vulnerability exists in the Oracle Solaris Filesystem component, potentially allowing a high-privileged attacker with logon access to the infrastructure to compromise the system. Exploitation requires human interaction from a third party, indicating that additional safeguards may be necessary. While the vulnerability resides in Oracle Solaris, the consequences of a successful attack can extend beyond Solaris itself, potentially affecting other connected products. This vulnerability exposes Oracle Solaris to risks of unauthorized access and control.

Affected Version(s)

Oracle Solaris 11

References

https://www.oracle.com/security-alerts/cpuapr2025.html

vendor-advisory

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 15, 2025
Vulnerability Reserved
Mar 25, 2025