## CVE-2025-6264
Published 2025-06-20
Priority: P181 · Severity: medium · Score: 5.5 (CVSS 3.1)
Vector: AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
Tags: ITW · VulnCheck KEV · Ransomware
Exploited in the wild
EPSS: 0.96% (57.2th percentile)
Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can do anything and usually run with elevated permissions. To limit access to dangerous artifacts, Velociraptor allows them to require a high permission such as EXECVE before they can be launched.
Admin.Client.UpdateClientConfig is an artifact used to update the client's configuration. It did not enforce such an additional required permission, so users with the COLLECT_CLIENT permission (normally granted by the "Investigator" role) could collect it from endpoints and update the configuration.
This can lead to arbitrary command execution and endpoint takeover.
To exploit this vulnerability the user must already be able to collect artifacts from the endpoint (i.e. hold the COLLECT_CLIENT permission, typically granted by the "Investigator" role).
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rapid7 | velociraptor | < 0.74.3 | 0.74.3 |
| www.velocidex.com | golang_velociraptor | >= 0 < 0.74.3 | 0.74.3 |
Detection & IOCs (extracted from sources)
- command: `C:\Windows\System32\cmd.exe cmd.exe /Q /c cmd /c c:\windows\temp\1.bat /y 1> \Windows\Temp\suLGnR 2>&1`
- Detect msiexec spawning with a remote Azure Blob Storage URL containing '/veeam/v2.msi' as the install source — this is the delivery mechanism for the malicious Velociraptor MSI.
- Alert on Velociraptor process launching repeatedly on a host that has been network-isolated — actors relaunched the tool multiple times even after isolation.
- Detect PowerShell scripts containing the RSA public key string 'tdIXltqjmTpXRB43p+k6X9+JqBZvsD7+' — this is embedded in the fileless Warlock encryptor PowerShell script.
- Monitor for Velociraptor artifact collection of 'Admin.Client.UpdateClientConfig' by users with only COLLECT_CLIENT / Investigator role — this is the exploited artifact that does not enforce the required EXECVE permission.
- Alert on Visual Studio Code being downloaded and executed by Velociraptor client processes — threat actors leveraged this to create C2 tunnels.
- Note: Talos could not confirm whether CVE-2025-6264 was actively exploited in the campaign — the vulnerable version was present but exploitation was not definitively observed.
- Note: CVE-2025-6264 requires the attacker to already hold COLLECT_CLIENT permissions (Investigator role) — it is a privilege escalation within Velociraptor, not an unauthenticated entry point.
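As an added defender-side example (not from this page or the Velociraptor project), this Python applies the description above and the 'Monitor for ... Admin.Client.UpdateClientConfig' detection item to constructed audit records: it flags any collection of that artifact by a principal whose permission set lacks EXECVE, and checks a server version against the fixed release 0.74.3. The record layout, the role names and every permission name other than COLLECT_CLIENT and EXECVE are assumptions.

```python
import json

# Artifact named in CVE-2025-6264 and the permission the fix requires for it.
SENSITIVE_ARTIFACT = "Admin.Client.UpdateClientConfig"
REQUIRED_PERMISSION = "EXECVE"
FIXED_VERSION = (0, 74, 3)

def parse_version(text: str) -> tuple:
    """Turn '0.74.2' (ignoring any '-suffix') into (0, 74, 2) for ordered comparison."""
    return tuple(int(p) for p in text.split("-")[0].split("."))

def is_vulnerable(version: str) -> bool:
    """Servers below 0.74.3 do not enforce a permission on the artifact."""
    return parse_version(version) < FIXED_VERSION

def audit_collection(record: dict) -> list:
    """Flag a collection of the sensitive artifact by a principal lacking EXECVE."""
    findings = []
    perms = set(record.get("permissions", []))
    for artifact in record.get("artifacts", []):
        if artifact == SENSITIVE_ARTIFACT and REQUIRED_PERMISSION not in perms:
            findings.append(
                f"{record['principal']} collected {artifact} on {record['client_id']} "
                f"without {REQUIRED_PERMISSION} (roles={record.get('roles')})"
            )
    return findings

def scan(lines) -> list:
    """Run audit_collection over newline-delimited JSON records, skipping blanks."""
    out = []
    for line in lines:
        if line.strip():
            out.extend(audit_collection(json.loads(line)))
    return out

# Constructed sample records. The layout, role names and the permission names
# other than COLLECT_CLIENT/EXECVE are assumptions, not Velociraptor's real audit format.
SAMPLE_LOG = """
{"principal": "alice", "roles": ["investigator"], "permissions": ["COLLECT_CLIENT", "READ_RESULTS"], "client_id": "C.1a2b3c", "artifacts": ["Windows.System.Pslist"]}
{"principal": "alice", "roles": ["investigator"], "permissions": ["COLLECT_CLIENT", "READ_RESULTS"], "client_id": "C.1a2b3c", "artifacts": ["Admin.Client.UpdateClientConfig"]}
{"principal": "bob", "roles": ["administrator"], "permissions": ["COLLECT_CLIENT", "EXECVE", "SERVER_ADMIN"], "client_id": "C.4d5e6f", "artifacts": ["Admin.Client.UpdateClientConfig"]}
"""

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG.splitlines()):
        print("ALERT:", finding)
    print("server 0.74.2 still vulnerable:", is_vulnerable("0.74.2"))
```

Only the second record fires: the administrator's collection of the same artifact is legitimate because the principal holds EXECVE.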
CVSS provenance
- NVD (v3.1): 5.5 MEDIUM, CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
- VulnCheck: 5.5 MEDIUM
Sources
- OSV · 2025-07-28 · Velociraptor vulnerable to privilege escalation via UpdateConfig artifact in www.velocidex.com/golang/velociraptor
- GHSA · 2025-06-20 · [MEDIUM] CWE-276 · Velociraptor vulnerable to privilege escalation via UpdateConfig artifact
- OSV · 2025-06-20 · [MEDIUM] · Velociraptor vulnerable to privilege escalation via UpdateConfig artifact
- VulnCheck · 2025 · CVSS 5.5 [MEDIUM] · rapid7 velociraptor Incorrect Default Permissions
No detection rules found.
No public exploits indexed.
Talos · blogs_talos · 2025-10-23
## IR Trends Q3 2025: ToolShell attacks dominate, highlighting criticality of segmentation and rapid response
Threat actors predominately exploited public-facing applications for initial access this quarter, with this tactic appearing in over 60 percent of Cisco Talos Incident Response (Talos IR) engagements – a notable increase from less than 10 percent last quarter. This spike is largely attributable to a wave of engagements involving ToolShell, an attack chain that targets on-premises Microsoft SharePoint servers through exploitation of vulnerabilities that were publicly disclosed in July. We also saw an increase in post-exploitation phishing campaigns launched from compromised valid accounts this quarter, a trend we noted last quarter, with threat actors using this technique to expand their attack both within the compromised organizations as well as to external partner entities.
Watch this di
Talos · blogs_talos · 2025-10-09 · CVSS 5.5 [MEDIUM]
## Velociraptor leveraged in ransomware attacks
- Cisco Talos has confirmed that ransomware operators are leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool that had not previously been definitively tied to ransomware incidents.
- We assess with moderate confidence that this activity can be attributed to threat actor Storm-2603, based on overlapping tools and tactics, techniques, and procedures (TTPs).
- Talos also observed evidence of Babuk ransomware files on the victim’s network, which has not been previously deployed by Storm-2603.
Update: 10/17/2025 Clarification added around CVE-2025-6264
In August 2025, Talos responded to a ransomware attack by actors who appeared to be affiliated with Warlock ransomware, based on their ransom note and use of Warlock’s data leak site (DLS). They deployed
BleepingComputer · blogs_bleepingcomputer · 2025-10-09 · CVSS 5.5 [MEDIUM]
## Hackers now use Velociraptor DFIR tool in ransomware attacks
By Bill Toulas
Threat actors have started to use the Velociraptor digital forensics and incident response (DFIR) tool in attacks that deploy LockBit and Babuk ransomware.
Cisco Talos researchers assess with medium confidence that the attacker behind the campaigns is a China-based adversary tracked as Storm-2603.
Velociraptor is an open-source DFIR tool created by Mike Cohen. The project has been acquired by Rapid7, which provides an enhanced version to its customers.
Cybersecurity company Sophos reported on August 26 that hackers were abusing Velociraptor for remote access. Specifically, the threat actors leveraged it to download and execute Visual Studio Code on compromised hosts, establishing a secure communication tun
Wiz · blogs_wiz · CVSS 8.6 [HIGH]
## CVE-2025-14728: Velociraptor vulnerability analysis and mitigation
Rapid7 Velociraptor versions before 0.75.6 contain a directory traversal issue on Linux servers that allows a rogue client to upload a file which is written outside the datastore directory. Velociraptor is normally only allowed to write in the datastore directory. The issue occurs due to insufficient sanitization of directory names which end with a ".", only encoding the final "." as "%2E".
Although files can be written to incorrect locations, the containing directory must end with "%2E". This limits the impact of this vulnerability, and prevents it from overwriting critical files.
Source: NVD
Score 6.8 (CNA) · Severity MEDIUM · Published December 29, 2025
Affected technologies: Velociraptor