CVE-2025-32803 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
isc	CNA	4 MEDIUM	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 17%

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
isc	kea	2.4.0 ≤ 𝑥 ≤ 2.4.1	CNA
isc	kea	2.6.0 ≤ 𝑥 ≤ 2.6.2	CNA
isc	kea	2.7.0 ≤ 𝑥 ≤ 2.7.8	CNA

Debian Releases

Debian Product

Codename

isc-kea

bookworm	vulnerable
forky	3.0.3-1 fixed
sid	3.0.3-1 fixed
trixie	2.6.3-1 fixed

openSUSE / SLES Releases

openSUSE Product

Release

kea

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

kea-devel

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

kea-doc

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

kea-hooks

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-asiodns49

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-asiolink72

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-cc68

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-cfgclient66

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-cryptolink50

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-d2srv47

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-database62

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-dhcp++92

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-dhcp_ddns57

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-dhcpsrv111

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-dns++57

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-eval69

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-exceptions33

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-hooks100

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-http72

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-log61

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-mysql71

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-pgsql71

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-process74

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-stats41

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-tcp19

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-util-io0

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

libkea-util86

suse enterprise sap 15 SP7	2.6.3-150700.3.3.5 fixed
suse enterprise server 15 SP6	2.6.3-150600.13.6.1 fixed
suse enterprise server 15 SP7	2.6.3-150700.3.3.5 fixed

python3-kea

suse enterprise server 15 SP6

2.6.3-150600.13.6.1

fixed

Common Weakness Enumeration

CWE-276 - Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.

References

https://kb.isc.org/docs/cve-2025-32803