CVE-2025-34075: Incorrect Default Permissions in Vagrant

Severity: MEDIUM (no vector)
EPSS: No EPSS data
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jul 2

Description

HashiCorp Vagrant has code injection vulnerability through default synced folders

An authenticated virtual machine escape vulnerability exists in HashiCorp Vagrant versions 2.4.6 and below when using the default synced folder configuration. By design, Vagrant automatically mounts the host system’s project directory into the guest VM under /vagrant (or C:\vagrant on Windows). This includes the Vagrantfile configuration file, which is a Ruby script evaluated by the host every time a vagrant comma

Affected Packages (1 package)

RubyGems  hashicorp/vagrant  2.2.10  2.4.7

🔴 Vulnerability Details (2)

OSV: HashiCorp Vagrant has code injection vulnerability through default synced folders (2025-07-02)
GHSA: HashiCorp Vagrant has code injection vulnerability through default synced folders (2025-07-02)

📋 Vendor Advisories (1)

Red Hat: vagrant: HashiCorp Vagrant Host Code Execution (2025-07-02)