Privilege Escalation Vulnerability in Checkmk Agent Plugin
CVE-2025-32917

5.2MEDIUM

Key Information:

Vendor: Checkmk Gmbh
Status: Checkmk
Vendor: CVE Published:; 13 May 2025

🔔 Create Checkmk Gmbh Vulnerability Alert

What is CVE-2025-32917?

A privilege escalation vulnerability exists in the jar_signature agent plugin of Checkmk that affects multiple versions. This flaw allows a user with write access to the JAVA_HOME/bin directory to gain elevated privileges, which can lead to unauthorized actions on the system. Organizations utilizing affected version are advised to implement immediate mitigation measures.

Affected Version(s)

Checkmk 2.4.0 < 2.4.0b7

Checkmk 2.3.0 < 2.3.0p32

Checkmk 2.2.0 < 2.2.0p42

References

https://checkmk.com/werk/17985

CVSS V4

Score:

5.2

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
May 13, 2025
Vulnerability Reserved
Apr 14, 2025

JSON