CVE-2025-54469

Source
https://cve.org/CVERecord?id=CVE-2025-54469
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-54469.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-54469
Aliases
Downstream
Related
Published
2025-10-30T09:41:57.086Z
Modified
2026-07-09T16:28:37.246528Z
Severity
  • 9.9 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow
Details

A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTERRPCPORT and CLUSTERLANPORT to generate a command to be executed via popen, without first sanitising their values.

The entry process of the enforcer container is the monitor process. When the enforcer container stops, the monitor process checks whether the consul subprocess has exited. To perform this check, the monitor process uses the popen function to execute a shell command that determines whether the ports used by the consul subprocess are still active.

The values of environment variables CLUSTERRPCPORT and CLUSTERLANPORT are used directly to compose shell commands via popen without validation or sanitization. This behavior could allow a malicious user to inject malicious commands through these variables within the enforcer container.

Database specific
{
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "introduced": "0.0.0-20230727023453-1c4957d53911"
                },
                {
                    "fixed": "0.0.0-20251020133207-084a437033b4"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/54xxx/CVE-2025-54469.json",
    "cna_assigner": "suse",
    "cwe_ids": [
        "CWE-78"
    ]
}
References

Affected packages

Git / github.com/neuvector/neuvector

Affected ranges

Type
GIT
Repo
https://github.com/neuvector/neuvector
Events
Database specific
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "5.3.0"
        },
        {
            "fixed": "5.3.5"
        },
        {
            "introduced": "5.4.0"
        },
        {
            "fixed": "5.4.7"
        }
    ]
}

Database specific

vanir_signatures_modified
"2026-07-09T16:28:37Z"
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-54469.json"
vanir_signatures
[
    {
        "id": "CVE-2025-54469-4d8d5b72",
        "digest": {
            "line_hashes": [
                "262057388879917243189218491470984257527",
                "14921899989987925630745045864773771899",
                "39336313110153916292610461233912775615",
                "122213556171299040661316363932857227343",
                "248864694094604996174521579548084376617",
                "245555888558265551945563786837230817483",
                "241126453214753175649298278327804890624",
                "123501170731759099835043262120301087313",
                "307078153949658971802958921264443009462",
                "280812318964051615609602534227852975830",
                "51073143911989685228255760958889349844",
                "322863322263352202393715665988828156123",
                "333317758168122818203689769233219989536",
                "145293007820601120448501876307783643629",
                "205855968643439065789807805755472618390",
                "71630680853029690589418460919674490123",
                "69463341289600039050080627345162218089",
                "191300362064051485058579562155928839556",
                "211050457160173882409008987861322706250",
                "251416315217988600183181041546450719320",
                "8539180465425760721971263313424676338",
                "176963135227364512382482193004657182656",
                "79142855919862123745364460847322458251",
                "23291377475150734789415874060058720199",
                "193629810988016936904994233841817424087",
                "136082482819317702170984834423328308783",
                "170444029580348895673865957708906026185",
                "151389820566683325416706412605668287280",
                "265956433710846152281833282779939580439",
                "246485831115555678983439992929954130719"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/neuvector/neuvector/commit/06424701e69bf1eb76ff90180d78853fded93021",
        "deprecated": false,
        "target": {
            "file": "monitor/monitor.c"
        }
    },
    {
        "id": "CVE-2025-54469-8127bb67",
        "digest": {
            "function_hash": "265690441905594406101508408213789672699",
            "length": 963.0
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/neuvector/neuvector/commit/06424701e69bf1eb76ff90180d78853fded93021",
        "deprecated": false,
        "target": {
            "function": "check_consul_ports",
            "file": "monitor/monitor.c"
        }
    },
    {
        "id": "CVE-2025-54469-e59796ed",
        "digest": {
            "function_hash": "282408489853289947297947876889022519981",
            "length": 10755.0
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/neuvector/neuvector/commit/06424701e69bf1eb76ff90180d78853fded93021",
        "deprecated": false,
        "target": {
            "function": "fork_exec",
            "file": "monitor/monitor.c"
        }
    }
]