Platform
apache
Component
kvrocks
Fixed in
2.13.1
CVE-2025-59790 describes an Improper Privilege Management vulnerability discovered in Apache Kvrocks. This flaw could allow unauthorized users to gain elevated privileges, potentially leading to data breaches or system compromise. The vulnerability impacts versions 2.9.0 through 2.13.0 of Kvrocks, and a fix is available in version 2.14.0.
The Improper Privilege Management vulnerability in Apache Kvrocks allows an attacker to bypass access controls and execute actions with elevated privileges. Specifically, an attacker could potentially read, modify, or delete sensitive data stored within the Kvrocks database. The blast radius of this vulnerability depends on the level of access granted to the compromised user and the sensitivity of the data being managed. Successful exploitation could lead to significant data loss, disruption of services, and reputational damage. While no specific real-world precedent is immediately apparent, privilege escalation vulnerabilities often lead to widespread compromise if left unaddressed.
CVE-2025-59790 was published on 2025-11-28. There is currently no public proof-of-concept (POC) available. The EPSS score is pending evaluation. No active campaigns exploiting this vulnerability have been reported at this time. Monitor security advisories and threat intelligence feeds for any updates.
Exploit Status
EPSS
0.15% (36% percentile)
The primary mitigation for CVE-2025-59790 is to upgrade Apache Kvrocks to version 2.14.0 or later, which contains the fix. If an immediate upgrade is not feasible due to compatibility concerns or system downtime requirements, consider implementing stricter access controls and privilege separation within your Kvrocks deployment. Review and restrict user permissions to the minimum necessary for their roles. Monitor Kvrocks logs for any suspicious activity indicative of privilege escalation attempts. While a WAF or proxy cannot directly address this vulnerability, they can help detect and block malicious requests attempting to exploit it.
Actualice Apache Kvrocks a la versión 2.14.0 o superior. Esta versión corrige la vulnerabilidad de gestión de privilegios que permite a usuarios no autorizados obtener privilegios de administrador mediante el comando RESET. La actualización es crucial para mantener la seguridad de su instancia de Kvrocks.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-59790 is a vulnerability in Apache Kvrocks versions 2.9.0–2.13.0 that allows unauthorized users to gain elevated privileges.
If you are running Apache Kvrocks version 2.9.0 through 2.13.0, you are potentially affected by this vulnerability.
Upgrade to Apache Kvrocks version 2.14.0 or later to resolve the vulnerability. Review and restrict user permissions.
No active exploitation campaigns have been reported at this time, but vigilance is advised.
Refer to the Apache Kvrocks project website and security mailing lists for the official advisory.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.