cbcvebase.
CVE-2025-20233
published 2025-03-26

CVE-2025-20233: In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the `chmod` and `makedirs` Python functions in a way that resulted in…

PriorityP410low3.3CVSS 3.1
AVLACLPRLUINSUCLINAN
EPSS
0.11%
1.6th percentile
In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the `chmod` and `makedirs` Python functions in a way that resulted in overly broad read and execute permissions. This could lead to improper access control for a low-privileged user.

Affected

2 ranges
VendorProductVersion rangeFixed in
splunksplunk_app_for_lookup_file_editing>= 4.0 < 4.0.54.0.5
splunksplunk_app_for_lookup_file_editing>= 4.0.0 < 4.0.54.0.5
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.