CVE-2025-20386

CWE-732 — Incorrect Permission Assignment CWE-401 — Memory Leak4 documents4 sources

Severity

6.5MEDIUM

EPSS

0.0%

top 86.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Splunk Splunk Enterprise Splunk Splunk

Timeline

PublishedDec 3

Description

In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Splunk Enterprise for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 2.1 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5splunk/splunk_enterprise10.0 — 10.0.2+3

▶NVDsplunk/splunk9.2.0 — 9.2.10+3

🔴Vulnerability Details

CVEList

Incorrect permission assignment on Splunk Enterprise for Windows during new installation or upgrade↗2025-12-03

▶

GHSA

GHSA-3fqq-36h4-cgvc: In Splunk Enterprise for Windows versions below 10↗2025-12-03

▶

📋Vendor Advisories

Microsoft

An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command a memory leak may occur.↗2020-01-14

▶