Platform
linux
Component
zimaos
Fixed in
1.4.2
CVE-2025-58432 describes a privilege escalation vulnerability affecting ZimaOS versions up to 1.4.1. This flaw allows any user with access to localhost to upload files as the root user, potentially leading to complete system compromise. The vulnerability resides within the /v2_1/files/file/uploadV2 endpoint. A fix is available in version 1.4.2.
The impact of this vulnerability is severe. An attacker who can access localhost on a ZimaOS system can exploit this flaw to upload arbitrary files as the root user. This grants them complete control over the system, allowing them to install malware, modify system configurations, steal sensitive data, or even pivot to other systems on the network. The ability to execute code with root privileges significantly expands the attack surface and increases the potential for widespread damage. This vulnerability is particularly concerning given ZimaOS's use in managing Zima devices, which often handle sensitive data and control critical infrastructure.
CVE-2025-58432 was publicly disclosed on 2025-09-17. There is currently no known public proof-of-concept (POC) code available. The EPSS score is pending evaluation, but the vulnerability's potential for root privilege escalation suggests a medium to high probability of exploitation if a POC is released. It is not currently listed on the CISA KEV catalog.
Organizations and individuals using ZimaOS for managing Zima devices or running it on x86-64 systems with UEFI are at risk. This includes users who have configured permissive access controls to localhost and those who have not yet upgraded to the latest version of ZimaOS. Shared hosting environments running ZimaOS are particularly vulnerable due to the potential for cross-tenant exploitation.
• linux / server:
journalctl -u zimaos | grep -i "uploadV2"
• linux / server:
ps aux | grep -i "root" | grep -i "/v2_1/files/file/uploadV2"
• linux / server:
find / -name "*.sh" -type f -mtime -7 -user root
Exploit Status
EPSS
0.04% (percentile 12%)
CISA SSVC
The primary mitigation for CVE-2025-58432 is to upgrade ZimaOS to version 1.4.2 or later, which contains the fix for this vulnerability. If upgrading is not immediately feasible, consider implementing temporary workarounds. Restricting access to localhost for non-essential users can help limit the potential attack surface. Implementing strict file upload validation and sanitization on the /v2_1/files/file/uploadV2 endpoint can also reduce the risk, although this is not a complete solution. Monitor system logs for suspicious file upload activity and unusual root user processes.
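The detection commands listed above and the advice to monitor logs for upload activity can be turned into a small triage script. The following is an added example written for this page, not code from ZimaOS or from the advisory's source: it checks whether a reported ZimaOS version falls below the fixed release 1.4.2 and scans journal lines for requests to the /v2_1/files/file/uploadV2 endpoint. The log line shape it parses (timestamp, unit, method, path, source address, status) and the sample journal entries are constructed assumptions for the example; ZimaOS's real log format may differ, so adjust the regular expression to the output of `journalctl -u zimaos` on your own system.

```python
import re
from typing import Iterable, List, Tuple

# From the advisory: versions <= 1.4.1 are affected, 1.4.2 contains the fix.
FIXED_VERSION = (1, 4, 2)
# Endpoint named in the advisory.
UPLOAD_ENDPOINT = "/v2_1/files/file/uploadV2"

# Constructed sample journal lines for the example (not real ZimaOS output).
# Assumed shape: '<timestamp> zimaos[<pid>]: <METHOD> <path> from <ip> status=<code>'
SAMPLE_JOURNAL = [
    "2025-09-18T10:00:01Z zimaos[1234]: GET /some/other/endpoint from 127.0.0.1 status=200",
    "2025-09-18T10:00:07Z zimaos[1234]: POST /v2_1/files/file/uploadV2 from 127.0.0.1 status=200",
    "2025-09-18T10:00:09Z zimaos[1234]: POST /v2_1/files/file/uploadV2 from 127.0.0.1 status=403",
    "2025-09-18T10:01:00Z zimaos[1234]: GET /some/other/endpoint from 127.0.0.1 status=200",
]

# Assumed log line layout; tune this to the real journal format.
LOG_PATTERN = re.compile(
    r"^(?P<ts>\S+)\s+zimaos\[(?P<pid>\d+)\]:\s+(?P<method>[A-Z]+)\s+(?P<path>\S+)"
    r"\s+from\s+(?P<src>\S+)\s+status=(?P<status>\d+)"
)


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '1.4.1' into (1, 4, 1); tolerates a leading 'v' and a suffix such as '-beta'."""
    core = re.match(r"v?(\d+(?:\.\d+)*)", version.strip())
    if not core:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(part) for part in core.group(1).split("."))


def is_affected(version: str) -> bool:
    """True when the installed ZimaOS version is older than the fixed release (i.e. <= 1.4.1)."""
    return parse_version(version) < FIXED_VERSION


def find_upload_requests(lines: Iterable[str]) -> List[dict]:
    """Return one record per journal line that hit the upload endpoint.

    Lines that do not match the assumed layout are skipped rather than raising,
    so the function can be fed raw journalctl output that mixes in other messages.
    """
    hits = []
    for line in lines:
        m = LOG_PATTERN.match(line.rstrip("\n"))
        if not m or UPLOAD_ENDPOINT not in m.group("path"):
            continue
        rec = m.groupdict()
        rec["status"] = int(rec["status"])
        hits.append(rec)
    return hits


def triage(version: str, lines: Iterable[str]) -> dict:
    """Combine the version check with the log scan into a single review summary."""
    hits = find_upload_requests(lines)
    affected = is_affected(version)
    successful = sum(1 for h in hits if 200 <= h["status"] < 300)
    return {
        "affected_version": affected,
        "upload_requests": len(hits),
        "successful_uploads": successful,
        # Upload traffic on an unpatched host is what deserves a closer look.
        "needs_review": affected and len(hits) > 0,
    }


if __name__ == "__main__":
    import sys

    # Usage: python triage.py <zimaos-version> < <(journalctl -u zimaos)
    # Without piped input the constructed sample journal is used.
    version_arg = sys.argv[1] if len(sys.argv) > 1 else "1.4.1"
    source = SAMPLE_JOURNAL if sys.stdin.isatty() else sys.stdin
    print(triage(version_arg, source))
```

Run it with the installed version as the first argument and `journalctl -u zimaos` piped on standard input; a result with `needs_review` set to true means the host is still on an affected release and has seen upload traffic, which is the case the advisory's monitoring advice is aimed at.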
Update ZimaOS to a version later than 1.4.1. This fixes the vulnerability that allows privilege escalation through the file upload API. Make sure your system is up to date to avoid exploitation of this vulnerability.
CVE-2025-58432 is a vulnerability in ZimaOS versions ≤1.4.1 that allows attackers to upload files as root, potentially gaining full system control.
If you are running ZimaOS version 1.4.1 or earlier, you are potentially affected by this vulnerability. Check your version and upgrade accordingly.
Upgrade ZimaOS to version 1.4.2 or later to resolve this vulnerability. If upgrading is not possible, implement temporary workarounds like restricting localhost access.
As of the current disclosure date, there is no confirmed active exploitation of CVE-2025-58432, but the potential for exploitation is high.
Refer to the official ZimaOS security advisories on their website or GitHub repository for the latest information and updates regarding CVE-2025-58432.