WARNING: PATH TRAVERSAL IN MATTERMOST, PATCH IMMEDIATELY!
Reference:
Advisory #2025-43
Version:
1.0
Affected software:
Mattermost
Type:
Path Traversal
CVE/CVSS:
CVE-2025-25279: CVSS 9.9 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
CVE-2025-20051: CVSS 9.9 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
Date:
25/02/2025
Sources
https://mattermost.com/security-updates/
Risks
Mattermost addressed two critical vulnerabilities that allow attackers to read arbitrary files.
Mattermost is a high-value target for attackers seeking to expose sensitive data. Exploiting these flaws could severely impact the confidentiality, integrity, and availability of business data.
Description
CVE-2025-20051 and CVE-2025-25279 are critical vulnerabilities in Mattermost versions up to and including 10.4.1, 9.11.7, 10.3.2 and 10.2.2, caused by improper input validation and improper board block validation. These flaws allow an authenticated attacker to read arbitrary files on the server through crafted board duplication requests and crafted import archives.
Exploiting this vulnerability could expose sensitive data, disrupt communication, and lead to severe breaches, impacting business security.
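Path traversal through an import archive is the general bug class behind the second vector named above: an archive member name such as `../../x` is used to build a filesystem path without first confining it to the extraction directory. The following example is added here to illustrate the defensive check, not Mattermost's own code and not the exact flaw fixed in these CVEs; the archive contents and the destination directory `/tmp/mm_import` are constructed for the demonstration.

```python
import io
import os
import posixpath
import zipfile


def is_confined(member_name: str, dest_dir: str) -> bool:
    """Return True only if an archive member would land inside dest_dir.

    Rejects absolute names, drive-letter prefixes, backslash separators and
    any '..' sequence that escapes the extraction root.
    """
    # Treat backslashes as separators so 'a\\..\\b' is not seen as one filename.
    name = member_name.replace("\\", "/")
    if posixpath.isabs(name) or ":" in name.split("/")[0]:
        return False
    dest = os.path.realpath(dest_dir)
    target = os.path.realpath(os.path.join(dest, *name.split("/")))
    # commonpath avoids prefix collisions such as /tmp/out vs /tmp/out2
    return os.path.commonpath([dest, target]) == dest


def check_archive(zip_bytes: bytes, dest_dir: str) -> dict:
    """Map every member name in a zip archive to whether it may be extracted."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return {info.filename: is_confined(info.filename, dest_dir)
                for info in zf.infolist()}


def build_sample_archive() -> bytes:
    """Constructed sample: one benign board file plus two traversal attempts."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("boards/board.json", '{"title": "demo"}')
        zf.writestr("../../../outside/escaped.txt", "")
        zf.writestr("/etc/shadow", "")
    return buf.getvalue()


if __name__ == "__main__":
    for member, ok in check_archive(build_sample_archive(), "/tmp/mm_import").items():
        print(f"{'allow ' if ok else 'REJECT'} {member}")
```

Run the same check on every member name before any file is created, and reject the whole archive (rather than skipping the bad entry) so that a partially extracted import cannot be processed.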
Recommended actions
Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.
Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://ccb.belgium.be/en/cert/report-incident.
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.