Improper Authorization in Elastic Cloud Enterprise by Elastic
CVE-2025-37736
Key Information:
- Vendor: Elastic
- CVE Published: 7 November 2025
What is CVE-2025-37736?
CVE-2025-37736 is a significant vulnerability identified in Elastic Cloud Enterprise, developed by Elastic. This product is used to manage cloud deployments of the Elastic Stack, which is used for data indexing, searching, and analytics. The vulnerability is an improper authorization flaw: a built-in readonly user account can access and invoke APIs that exceed its intended permissions. This can lead to privilege escalation, enabling unauthorized users to change configurations and reach sensitive operations that should be restricted. Specifically, the vulnerability affects several critical API endpoints, including those related to service accounts and user authentication keys. Organizations that rely on Elastic Cloud Enterprise for data management are therefore exposed to misuse of user permissions and unauthorized data exposure.
Potential impact of CVE-2025-37736
- Privilege Escalation: The vulnerability allows a readonly user to execute privileged operations, such as managing user accounts and authentication keys. This can enable unauthorized actions that compromise security controls, leading to potential data integrity issues and unauthorized access to sensitive information.
- Unauthorized Access to Critical Resources: With the ability to call sensitive APIs, an attacker could gain access to service account configurations and authentication keys, potentially allowing them to escalate their access privileges further or impersonate other user roles within the Elastic Cloud system.
- Data Breaches and Compliance Violations: Organizations that experience unauthorized access as a result of this vulnerability may face data breaches, leading to legal and compliance repercussions. This could result in significant financial losses and damage to the organization's reputation, particularly for those subject to regulatory compliance standards.
Affected Version(s)
Elastic Cloud Enterprise (ECE) 3.8.0 through 3.8.2 (inclusive)
Elastic Cloud Enterprise (ECE) 4.0.0 through 4.0.2 (inclusive)
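The following is an added triage helper, not code from Elastic or from this advisory, that checks whether an ECE version string falls inside the two affected ranges listed above. The version strings fed to it at the bottom are constructed for illustration; only the range boundaries come from the advisory.

```python
"""Triage helper for CVE-2025-37736: is a given ECE version in an affected range?

Affected ranges are taken from the advisory text above. Version strings are
assumed to be plain MAJOR.MINOR.PATCH (an assumption; anything else is rejected
rather than silently guessed at).
"""

# Inclusive (low, high) bounds from the advisory's Affected Version(s) section.
AFFECTED_RANGES = [
    ((3, 8, 0), (3, 8, 2)),
    ((4, 0, 0), (4, 0, 2)),
]


def parse_version(version: str) -> tuple[int, int, int]:
    """Parse 'MAJOR.MINOR.PATCH' into an int tuple so comparisons are numeric.

    Numeric tuples avoid the classic string-comparison mistake where
    '3.8.10' < '3.8.2' because '1' sorts before '2'.
    """
    parts = version.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised ECE version string: {version!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True if the version lies inside any affected range (bounds inclusive)."""
    v = parse_version(version)
    return any(low <= v <= high for low, high in AFFECTED_RANGES)


def triage(versions: list[str]) -> dict[str, bool]:
    """Map each version string to its affected/not-affected verdict."""
    return {v: is_affected(v) for v in versions}


if __name__ == "__main__":
    # Constructed sample inventory; not real deployments.
    inventory = ["3.7.9", "3.8.0", "3.8.2", "3.8.10", "4.0.1", "4.0.3"]
    for ver, hit in triage(inventory).items():
        print(f"ECE {ver}: {'AFFECTED' if hit else 'not affected'}")
```

Run it against the version reported by each ECE installation; any `AFFECTED` result should be scheduled for the vendor's fixed release, and a `ValueError` means the version string needs to be checked by hand rather than assumed safe.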