CVE-2025-12801

Severity
6.5 MEDIUM
EPSS
0.0%
top 97.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Mar 4

Description

A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux that allows an NFSv3 client to escalate the privileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or subtree of an exported directory, regardless of the set file permissions and regardless of any 'root_squash' or 'all_squash' attributes that would normally be expected to apply to that client.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.8 | Impact: 3.6

Affected Packages

1 package

Debian: nfs-utils < 1:2.8.6-1

Also affects: Enterprise Linux 10.0, 6.0, 7.0, 8.0, 9.0, Openshift Container Platform 4.0

🔴Vulnerability Details

3
OSV
CVE-2025-12801: A vulnerability was recently discovered in the rpc (2026-03-04)
CVEList
Nfs-utils: rpc.mountd in the nfs-utils privilege escalation (2026-03-04)
GHSA
GHSA-q8x7-j9x6-2fpc: A vulnerability was recently discovered in the rpc (2026-03-04)

📋Vendor Advisories

3
Red Hat
nfs-utils: rpc.mountd in the nfs-utils privilege escalation (2026-03-04)
Oracle
Oracle Fusion Middleware Risk Matrix: Third Party (logback), CVE-2024-12801 (2025-07-15)
Debian
CVE-2025-12801: nfs-utils - A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-util... (2025)

🕵️Threat Intelligence

1
Wiz
CVE-2025-12801 Impact, Exploitability, and Mitigation Steps | Wiz