Vulnerability in Oracle Solaris Filesystem Component Affects Oracle Systems
CVE-2025-53070

5.5MEDIUM

Key Information:

Vendor: Oracle
Status: Oracle Solaris
Vendor: CVE Published:; 21 October 2025

What is CVE-2025-53070?

A vulnerability exists in the filesystem component of Oracle Solaris that can be exploited by a high privileged attacker with access to the infrastructure where Oracle Solaris runs. Successful exploitation requires human interaction from a different user, which complicates the attack. Although specific to Oracle Solaris, attacks can adversely affect other products as well. This vulnerability can lead to unauthorized manipulation, resulting in persistent crashes or hangs of the Oracle Solaris system, effectively causing a denial of service.

Affected Version(s)

Oracle Solaris 11

References

https://www.oracle.com/security-alerts/cpuoct2025.html

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 21, 2025
Vulnerability Reserved
Jun 24, 2025

JSON