Platform
php
Component
moodle/moodle
Fixed versions
4.5.4
4.4.8
4.3.12
4.1.18
CVE-2025-3638 describes a Cross-Site Request Forgery (CSRF) vulnerability discovered in the Brickfield tool within Moodle. The flaw allows an attacker to trigger unintended actions on a user's account if that user is tricked into clicking a malicious link. The vulnerability impacts Moodle versions up to 4.1.9, and a patch is available in version 4.1.18.
The core impact of this CSRF vulnerability is that actions can be performed on a user's behalf without their consent. An attacker could craft a malicious link that, when clicked by a logged-in Moodle user, modifies settings, creates content, or performs other actions as if the user had initiated them. The severity is considered LOW because exploitation requires user interaction (clicking a malicious link) and is limited to the scope of the Brickfield tool. In environments with shared accounts or low user awareness, however, the risk is amplified. Successful exploitation could lead to data modification or unauthorized use of specific Moodle functionality.
CVE-2025-3638 was published on April 25, 2025. As of this date, there are no publicly known active campaigns exploiting this specific vulnerability. No public Proof-of-Concept (POC) code has been released. The vulnerability is not currently listed on KEV or EPSS, suggesting a low probability of exploitation. Monitor security advisories and threat intelligence feeds for any changes in this assessment.
Exploit status
EPSS
0.14% (34th percentile)
The primary mitigation for CVE-2025-3638 is to upgrade Moodle to version 4.1.18 or later, which includes the necessary fix. If immediate upgrading is not feasible, consider implementing temporary workarounds. While a direct workaround for CSRF is difficult, restricting access to the Brickfield tool to trusted users and implementing stricter input validation can reduce the attack surface. Review Moodle’s security recommendations for additional hardening steps. After upgrading, verify the fix by attempting to trigger the vulnerable action with a crafted request and confirming it is blocked.
Update Moodle to the latest available version. Versions 4.5.4, 4.4.8, 4.3.12 and 4.1.18 fix the CSRF vulnerability in the Brickfield tool. This prevents attackers from executing unauthorized actions on behalf of authenticated users.
CVE-2025-3638 is a Cross-Site Request Forgery (CSRF) vulnerability in Moodle's Brickfield tool, allowing attackers to perform unauthorized actions if a user clicks a malicious link. It affects versions up to 4.1.9.
You are affected if you are running Moodle version 4.1.9 or earlier. Check your Moodle version and upgrade immediately to mitigate the risk.
Upgrade Moodle to version 4.1.18 or later to resolve the vulnerability. If upgrading is not immediately possible, consider temporary workarounds like restricting access to the Brickfield tool.
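The version check recommended above can be scripted so that it is repeatable across many Moodle hosts. The following is an added example (not code from this advisory or from the Moodle project): it parses the `$release` assignment found in Moodle's `version.php` and compares the release against the fixed versions listed on this page, per minor branch. The branch-to-fixed-version mapping is taken from the fixed versions above; the assumption that any branch not named here (for example 4.2.x or anything older than 4.1) needs manual review is mine, as is the conservative choice to treat a `+` weekly build as its base release. The sample `version.php` content is constructed for illustration.

```python
import re
from typing import Tuple

# Fixed releases named by the advisory, keyed by (major, minor) branch.
# Assumption: a release at or above the fixed version on its branch carries the fix.
FIXED_BY_BRANCH = {
    (4, 5): (4, 5, 4),
    (4, 4): (4, 4, 8),
    (4, 3): (4, 3, 12),
    (4, 1): (4, 1, 18),
}

# Matches e.g. "$release  = '4.1.9 (Build: 20240122)';" or "'4.4 (Build: ...)'" or "'4.1.18+ (...)'".
_RELEASE_RE = re.compile(r"\$release\s*=\s*'(\d+)\.(\d+)(?:\.(\d+))?(\+?)")

# Constructed sample of a Moodle version.php (values are illustrative, not a real build).
SAMPLE_VERSION_PHP = """<?php
$version  = 2022112809.00;              // constructed sample
$release  = '4.1.9 (Build: 20240122)'; // constructed sample
$branch   = '401';
$maturity = MATURITY_STABLE;
"""


def parse_release(version_php: str) -> Tuple[Tuple[int, int, int], bool]:
    """Return ((major, minor, patch), is_plus_build) parsed from the $release line.

    A release such as '4.4' (no patch component) is treated as patch 0.
    """
    m = _RELEASE_RE.search(version_php)
    if not m:
        raise ValueError("no $release assignment found in version.php content")
    major, minor, patch, plus = m.groups()
    return (int(major), int(minor), int(patch or 0)), plus == "+"


def assess(version_php: str) -> str:
    """Classify a version.php as 'fixed', 'affected' or 'unknown' for CVE-2025-3638."""
    release, _is_plus = parse_release(version_php)
    fixed = FIXED_BY_BRANCH.get(release[:2])
    if fixed is None:
        # Branch not listed on the advisory: do not guess, flag for manual review.
        return "unknown"
    # '+' weekly builds are deliberately compared as their base release (conservative).
    return "fixed" if release >= fixed else "affected"


def assess_file(path: str) -> str:
    """Convenience wrapper: read a real version.php from disk and assess it."""
    with open(path, encoding="utf-8") as fh:
        return assess(fh.read())


if __name__ == "__main__":
    release, is_plus = parse_release(SAMPLE_VERSION_PHP)
    print(f"release={'.'.join(map(str, release))}{'+' if is_plus else ''} -> {assess(SAMPLE_VERSION_PHP)}")
```

Run `assess_file("/path/to/moodle/version.php")` on each instance; anything reported as `affected` should be scheduled for upgrade, and `unknown` means the branch is not covered by the fixed versions listed here and needs a manual check against Moodle's own advisory.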
As of April 25, 2025, there are no publicly known active campaigns exploiting CVE-2025-3638, and no public POC code has been released.
Refer to the official Moodle security advisory for CVE-2025-3638 on the Moodle website: [https://security.moodle.org/ (replace with actual link when available)].