Privilege Escalation in Xormon Original Appliance by Authenticated Users
CVE-2025-54767

6.5MEDIUM

Key Information:

Vendor: Xorux
Status: Lpar2rrd
Vendor: CVE Published:; 29 July 2025

What is CVE-2025-54767?

An authenticated, read-only user on the Xormon Original virtual appliance has the ability to terminate processes running as the lpar2rrd user. This flaw could potentially allow an attacker to disrupt service operations by killing critical processes, leading to a denial of service or other unforeseen consequences.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

LPAR2RRD Linux 8.04

References

https://korelogic.com/Resources/Advisories/KL-001-2025-01...

third-party-advisory

https://lpar2rrd.com/note800.php

release-notes

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 29, 2025

JSON

Xorux