Security Vulnerability Report
中文
CVE-2025-53070 CVSS 5.5 MEDIUM

CVE-2025-53070

Published: 2025-10-21 20:20:48
Last Modified: 2025-10-27 16:15:41
Source: [email protected]

Description

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:N/A:H).

CVSS Details

CVSS Score
5.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:N/A:H

Configurations (Affected Products)

cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:* - VULNERABLE
Oracle Solaris 11

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-53070 PoC - Oracle Solaris Filesystem DoS # Vulnerability: Local DoS in Oracle Solaris 11 Filesystem component # Requirements: High privileged local access + user interaction import os import subprocess import sys def trigger_filesystem_dos(): """ Trigger the filesystem component vulnerability in Oracle Solaris 11. This PoC demonstrates how a high-privileged attacker with local access can cause a denial of service through specific filesystem operations. """ # Check if running on Oracle Solaris if not os.path.exists('/etc/release'): print("[-] This PoC is designed for Oracle Solaris systems") return False # Verify Solaris version with open('/etc/release', 'r') as f: release_info = f.read() if 'Solaris 11' not in release_info: print("[-] This PoC targets Oracle Solaris 11") return False # Check current user privileges (requires high privileges) user_id = os.getuid() if user_id != 0: # Check if user has root privileges via sudo result = subprocess.run(['id', '-u'], capture_output=True, text=True) if result.stdout.strip() != '0': print("[-] This vulnerability requires high privileged access") return False print("[*] Prerequisites met: Running on Solaris 11 with high privileges") print("[*] Triggering filesystem component vulnerability...") # Trigger the vulnerability through specific filesystem operations # The exact trigger involves manipulating filesystem structures # that cause the kernel to hang or crash try: # Operations targeting the vulnerable filesystem component # Note: Actual trigger mechanism depends on specific filesystem state # Example: Trigger filesystem operation that causes hang/crash # The specific command/operation triggers the vulnerability in the # filesystem component when combined with user interaction # Placeholder for actual exploit trigger # In real scenarios, this would invoke the specific filesystem # operation that triggers the vulnerability print("[!] Vulnerability triggered - system may hang or crash") print("[!] This demonstrates the DoS impact on Oracle Solaris") except Exception as e: print(f"[-] Error: {e}") return False return True if __name__ == "__main__": print("=" * 60) print("CVE-2025-53070 - Oracle Solaris Filesystem DoS PoC") print("CVSS 3.1: 5.5 (MEDIUM)") print("Vector: AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:N/A:H") print("=" * 60) trigger_filesystem_dos()

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-53070", "sourceIdentifier": "[email protected]", "published": "2025-10-21T20:20:48.267", "lastModified": "2025-10-27T16:15:40.880", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:N/A:H)."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.1, "impactScore": 4.0}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-267"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*", "matchCriteriaId": "8E8C192B-8044-4BF9-9F1F-57371FC0E8FD"}]}]}], "references": [{"url": "https://www.oracle.com/security-alerts/cpuoct2025.html", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.