File Overwrite Vulnerability in Kea DHCP Server by ISC
CVE-2025-32802
6.1MEDIUM
What is CVE-2025-32802?
The Kea DHCP server has a vulnerability that allows misconfigured API directives to lead to arbitrary file overwrites. This can occur when Kea is operated with elevated permissions, such as running as a root user, and when its API entry points are left unsecured. Additionally, insecure control socket paths can expose the server to risks, permitting unauthorized file modifications. Affected versions include Kea 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8.
Affected Version(s)
Kea 2.4.0 <= 2.4.1
Kea 2.6.0 <= 2.6.2
Kea 2.7.0 <= 2.7.8
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved
Credit
ISC would like to thank Matthias Gerstner from the SUSE security team for bringing this vulnerability to our attention.