CVE-2025-27364
Caldera Remote Code Execution Vulnerability

CVSS score: 10.0 (CRITICAL)

Description

In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution (RCE) vulnerability was found in the dynamic agent (implant) compilation functionality of the server. This allows remote attackers to execute arbitrary code on the server that Caldera is running on via a crafted web request to the Caldera server API used for compiling and downloading of Caldera's Sandcat or Manx agent (implants). This web request can use the gcc -extldflags linker flag with sub-commands.

INFO

Published Date: Feb. 24, 2025, 7:15 p.m.
Last Modified: Feb. 24, 2025, 8:15 p.m.
Remotely Exploitable: Yes
Impact Score: 6.0
Exploitability Score: 3.9

Affected Products

The following products are affected by the CVE-2025-27364 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID | Vendor | Product
1 | Mitre | caldera


The following news articles mention the CVE-2025-27364 vulnerability somewhere in their text.

  • The Cyber Express
Toronto Zoo Issues Final Notification on Cyberattack and Data Breach

The Toronto Zoo has disclosed a cyberattack that targeted the Zoo in early January 2024. The zoo has since conducted an extensive analysis to understand the full scope of the breach and notify those a ...

Published Date: Mar 03, 2025
  • TheCyberThrone
CVE-2025-23363 impacts Siemens TeamCenter

CVE-2025-23363 is a high-severity vulnerability identified in Siemens Teamcenter, a product lifecycle management (PLM) software suite used by businesses to manage the entire lifecycle of a product. Th ...

Published Date: Mar 02, 2025
  • TheCyberThrone
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – February 2025

Welcome to TheCyberThrone cybersecurity month in review will be posted covering the important security happenings. This review is for the month ending February 2025 Subscribers favorite #1 CVE-2025-109 ...

Published Date: Mar 02, 2025
  • TheCyberThrone
CVE-2025-20059 impacts Ping Identity

CVE-2025-20059 represents a critical security vulnerability known as a Relative Path Traversal flaw, which impacts the Ping Identity PingAM Java Policy Agent. This vulnerability allows for parameter i ...

Published Date: Mar 01, 2025
  • TheCyberThrone
CVE-2025-27364 affects MITRE Caldera

CVE-2025-27364 is a critical Remote Code Execution (RCE) vulnerability identified in MITRE Caldera, a highly regarded cybersecurity platform used for adversary emulation, detection evaluation, and tra ...

Published Date: Mar 01, 2025
  • The Cyber Express
CISA Appoints Karen Evans as New Cybersecurity Executive Assistant Director

Karen Evans has been appointed as the new Executive Assistant Director (EAD) for Cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA). In this new role, Evans brings an extensi ...

Published Date: Feb 28, 2025
  • The Cyber Express
MITRE Caldera Hit by Critical RCE Flaw (CVE-2025-27364) – Here’s What You Need to Know

CVE-2025-27364, a critical Remote Code Execution (RCE) flaw has been discovered in MITRE Caldera, an open-source adversary emulation platform used by security professionals. This flaw could allow atta ...

Published Date: Feb 28, 2025
  • The Cyber Express
Cleveland Municipal Court Remains Closed Due to Ongoing Cybersecurity Incident

Cleveland Municipal Court has been closed for three consecutive days following a cybersecurity incident that has disrupted its internal systems. The court announced the closure on Monday and has since ...

Published Date: Feb 28, 2025
  • Dark Reading
Max Severity RCE Vuln in All Versions of MITRE Caldera

A maximum severity remote code execution (RCE) bug has emerged that affects all versions of MITRE Caldera going back to the first versions of the open source ad ...

Published Date: Feb 25, 2025
  • The Register
MITRE Caldera security suite scores perfect 10 for insecurity

The smart cookie who discovered a perfect 10-out-of-10-severity remote code execution (RCE) bug in MITRE's Caldera security training platform has urged users to "immediately pull down the latest versi ...

Published Date: Feb 25, 2025
  • Cybersecurity News
CVE-2025-27364 (CVSS 10): Remote Code Execution Flaw Found in MITRE Caldera, PoC Releases

A newly discovered vulnerability in MITRE Caldera, tracked as CVE-2025-27364, has been assigned a critical CVSS score of 10, indicating its severe impact on affected systems ...

Published Date: Feb 25, 2025

The following table lists the changes that have been made to the CVE-2025-27364 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Feb. 24, 2025

    Action | Type | Old Value | New Value
    Added | Reference | | https://medium.com/@mitrecaldera/mitre-caldera-security-advisory-remote-code-execution-cve-2025-27364-5f679e2e2a0e
  • New CVE Received by [email protected]

    Feb. 24, 2025

    Action | Type | Old Value | New Value
    Added | Description | | In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution (RCE) vulnerability was found in the dynamic agent (implant) compilation functionality of the server. This allows remote attackers to execute arbitrary code on the server that Caldera is running on via a crafted web request to the Caldera server API used for compiling and downloading of Caldera's Sandcat or Manx agent (implants). This web request can use the gcc -extldflags linker flag with sub-commands.
    Added | CVSS V3.1 | | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    Added | CWE | | CWE-78
    Added | Reference | | https://github.com/mitre/caldera/commit/35bc06e42e19fe7efbc008999b9f993b1b7109c0
    Added | Reference | | https://github.com/mitre/caldera/pull/3129
    Added | Reference | | https://github.com/mitre/caldera/pull/3131/commits/61de40f92a595bed462372a5e676c2e5a32d1050
    Added | Reference | | https://github.com/mitre/caldera/releases
    Added | Reference | | https://github.com/mitre/caldera/security
    Added | Reference | | https://medium.com/@mitrecaldera/mitre-caldera-security-advisory-remote-code-execution-cve-2025-27364-5f679e2e2a0e

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2025-27364 is associated with the following CWEs:

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVSS 3.1 - Vulnerability Scoring System
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High