cbcvebase.
CVE-2025-8432
published 2025-10-27

CVE-2025-8432: Incorrect Default Permissions vulnerability in Centreon Infra Monitoring (MBI modules) allows Embedding Scripts within Scripts by CentreonBI user account on…

PriorityP346high8.4CVSS 3.1
AVNACLPRHUIRSCCHIHAH
EPSS
0.38%
29.6th percentile
Incorrect Default Permissions vulnerability in Centreon Infra Monitoring (MBI modules) allows Embedding Scripts within Scripts by CentreonBI user account on the MBI server This issue affects Infra Monitoring: from 24.10.0 before 24.10.6, from 24.04.0 before 24.04.9, from 23.10.0 before 23.10.15.

Affected

3 ranges
VendorProductVersion rangeFixed in
centreoninfra_monitoring>= 23.10.0 < 23.10.1523.10.15
centreoninfra_monitoring>= 24.04.0 < 24.04.924.04.9
centreoninfra_monitoring>= 24.10.0 < 24.10.624.10.6
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.