CVE-2025-8432
Published: 27 October 2025
Description
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
Security Summary
CVE-2025-8432 is an Incorrect Default Permissions vulnerability (CWE-276) in the MBI modules of Centreon Infra Monitoring. It enables the CentreonBI user account on the MBI server to embed scripts within scripts. The issue affects Centreon Infra Monitoring versions from 24.10.0 before 24.10.6, from 24.04.0 before 24.04.9, and from 23.10.0 before 23.10.15. The vulnerability carries a CVSS v3.1 base score of 8.4 (AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H).
An attacker requires high privileges, such as access to the CentreonBI user account on the MBI server, along with network access and user interaction to exploit this vulnerability. The low attack complexity and changed scope allow a successful exploit to achieve high impacts on confidentiality, integrity, and availability, potentially enabling arbitrary script execution or escalation through embedded malicious scripts.
Centreon advisories recommend upgrading to patched versions 24.10.6, 24.04.9, or 23.10.15. Additional mitigation details are available in the official security bulletin at https://thewatch.centreon.com/latest-security-bulletins-64/cve-2025-8432-centreon-mbi-high-severity-5180 and the GitHub releases page at https://github.com/centreon/centreon/releases.
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Incorrect default permissions (CWE-276) enable a high-privileged CentreonBI user to embed scripts within scripts, facilitating abuse of file system permissions weaknesses (T1044) and execution via command and scripting interpreters (T1059).