CVE-2025-63909

EUVD-2025-208241
Incorrect access control in the component /opt/SRLtzm/bin/TapeDumper of Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers to escalate privileges to root and read and write arbitrary files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
cohesitytranzman
4.0:build14614
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://gist.github.com/GregDurys/d402038147e36de5908159d9722072ef
https://github.com/GregDurys/Cohesity-TranZman-CVEs