Command Injection Vulnerability in NeuVector Enforcer by NeuVector
CVE-2025-54469
What is CVE-2025-54469?
CVE-2025-54469 is a command injection vulnerability in the NeuVector Enforcer, a component of the NeuVector container security platform developed by NeuVector, now part of SUSE. The Enforcer runs on each node to monitor containerized workloads and enforce the platform's security and compliance policies. The flaw lies in how the Enforcer handles two environment variables, CLUSTER_RPC_PORT and CLUSTER_LAN_PORT: their values are interpolated into shell command strings that are executed through the popen function, without being validated or sanitized first. The variables are expected to hold port numbers, but nothing enforces that, so a value containing shell metacharacters (a semicolon, backticks, $( ) and so on) is passed straight to the shell. An attacker who can control those variables, for example by modifying the Enforcer's deployment manifest or the environment the container is started with, can therefore run arbitrary commands inside the Enforcer container. Because the Enforcer is deployed with elevated privileges in order to do its job, this undermines the integrity of the workloads it protects and can serve as a foothold for further exploitation within the cluster and network.
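The pattern described above, as an added illustration that is not NeuVector's code: a port value read from the environment is dropped into a popen() command string, so an attacker-controlled value carries a second command along with it. The hardened version accepts only a decimal port in the range 1..65535, formats the validated integer rather than the raw string, and, where possible, skips the shell entirely by exec'ing an argv array. The tool path `/opt/tool/port-probe` and the `--port` flag are hypothetical placeholders; the attacker value is constructed for the example.

```c
/*
 * Added example (not NeuVector code): environment-variable command
 * injection through popen(), beside a hardened rewrite.
 * /opt/tool/port-probe and --port are hypothetical placeholders.
 */
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

#define TOOL "/opt/tool/port-probe"   /* hypothetical helper binary */

/* VULNERABLE: the raw variable becomes part of a shell command line.
 * A value such as "18300; id" makes /bin/sh run two commands. */
int build_cmd_vulnerable(const char *port_env, char *out, size_t outlen)
{
    int n = snprintf(out, outlen, TOOL " --port %s", port_env);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Returns 1 if the command the shell would see contains a metacharacter
 * that separates or substitutes commands, 0 otherwise. */
int cmd_has_injection(const char *port_env)
{
    char cmd[256];
    if (build_cmd_vulnerable(port_env, cmd, sizeof cmd) != 0)
        return 1;                       /* treat truncation as unsafe too */
    return strpbrk(cmd + strlen(TOOL " --port "), ";|&$`<>\n()") != NULL;
}

/* HARDENED step 1: allow-list validation. Only ASCII digits, at most
 * five of them, and a value between 1 and 65535 are accepted. */
int parse_port(const char *s, uint16_t *port)
{
    if (s == NULL || *s == '\0' || strlen(s) > 5)
        return -1;
    for (const char *p = s; *p; p++)
        if (!isdigit((unsigned char)*p))
            return -1;
    long v = strtol(s, NULL, 10);
    if (v < 1 || v > 65535)
        return -1;
    *port = (uint16_t)v;
    return 0;
}

/* Convenience wrapper: the port as an int, or -1 when rejected. */
int parse_port_value(const char *s)
{
    uint16_t port;
    return parse_port(s, &port) == 0 ? (int)port : -1;
}

/* HARDENED step 2: if a shell string is still needed (e.g. popen()),
 * format the validated integer, never the string from the environment. */
int build_cmd_hardened(const char *port_env, char *out, size_t outlen)
{
    uint16_t port;
    if (parse_port(port_env, &port) != 0)
        return -1;
    int n = snprintf(out, outlen, TOOL " --port %u", (unsigned)port);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* HARDENED step 3: no shell at all. Each argument is its own argv entry,
 * so there is nothing for metacharacters to act on. Returns the child's
 * exit status, or -1 on validation or process failure. */
int run_without_shell(const char *port_env)
{
    uint16_t port;
    char portbuf[6];
    if (parse_port(port_env, &port) != 0)
        return -1;
    snprintf(portbuf, sizeof portbuf, "%u", (unsigned)port);
    char *const argv[] = { TOOL, "--port", portbuf, NULL };
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execv(argv[0], argv);
        _exit(127);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    char cmd[256];
    /* Constructed attacker value: a plausible port followed by an injected command. */
    const char *evil = "18300; id > /tmp/pwned";
    build_cmd_vulnerable(evil, cmd, sizeof cmd);
    printf("vulnerable command: %s\n", cmd);
    printf("hardened (evil):    %s\n",
           build_cmd_hardened(evil, cmd, sizeof cmd) == 0 ? cmd : "rejected");
    printf("hardened (18300):   %s\n",
           build_cmd_hardened("18300", cmd, sizeof cmd) == 0 ? cmd : "rejected");
    return 0;
}
```

The validation is an allow-list rather than a blocklist of metacharacters: a port is a small integer, so anything that is not one is rejected outright, and the shell (if one is still used) only ever sees the digits that snprintf printed from a uint16_t. Replacing popen() with fork/execv removes the shell from the path altogether, which is the change that closes this class of bug for good.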
Potential impact of CVE-2025-54469
- Unauthorized Command Execution: An attacker who controls the CLUSTER_RPC_PORT or CLUSTER_LAN_PORT variables can run arbitrary commands inside the Enforcer container, gaining access to and control over the Enforcer's operations.
- Compromise of Containerized Applications: Because the Enforcer monitors and enforces security policy for the workloads on its node, compromising it undermines the security posture of those workloads, exposing sensitive data and enabling lateral movement within the network.
- Increased Attack Surface: Code execution in a privileged security component gives an attacker a base from which to escalate privileges, stage further attacks, or deploy malware elsewhere in the organization's infrastructure.
Affected Version(s)
neuvector 5.3.0 up to, but not including, 5.3.5 (fixed in 5.3.5)
neuvector 5.4.0 up to, but not including, 5.4.7 (fixed in 5.4.7)
neuvector development builds (Go module pseudo-versions) from 0.0.0-20230727023453-1c4957d53911 up to, but not including, 0.0.0-20251020133207-084a437033b4