Elastic

A severe heap corruption vulnerability in Kibana could let attackers achieve remote code execution using specially crafted HTML pages. The vulnerability, designated as CVE-2025-2135, stems from a Type Confusion flaw in the underlying Chromium engine and carries a maximum CVSSv3.1 score of 9.9, indicating its critical severity level. Users should upgrade to patched versions (7.17.29, 8.17.8, 8.18.3, or 9.0.3) immediately to eliminate the security risk.

Source: https://cybersecuritynews.com/kibana-vulnerabilities-allows-code-execution/

TPRM report: https://scoringcyber.rankiteo.com/company/elastic-co

{
  "id": "ela528062525",
  "linkid": "elastic-co",
  "type": "Vulnerability",
  "date": "6/2025",
  "severity": "100",
  "impact": "5",
  "explanation": "Attack threatening the organization's existence"
}

{
  "affected_entities": [
    {"type": "Organizations running vulnerable Kibana instances"}
  ],
  "attack_vector": "Malicious HTML pages",
  "date_detected": "2025-03-10",
  "date_publicly_disclosed": "2025-03-10",
  "description": "A severe heap corruption vulnerability in Kibana could let attackers achieve remote code execution using specially crafted HTML pages. The vulnerability, designated as CVE-2025-2135, stems from a Type Confusion flaw in the underlying Chromium engine and carries a maximum CVSSv3.1 score of 9.9, indicating its critical severity level.",
  "impact": {
    "operational_impact": "High",
    "systems_affected": "Kibana instances with reporting capabilities enabled"
  },
  "initial_access_broker": {"entry_point": "Malicious HTML pages"},
  "post_incident_analysis": {
    "corrective_actions": ["Upgrade to patched versions"],
    "root_causes": "Type Confusion flaw in the Chromium engine"
  },
  "recommendations": [
    "Upgrade to patched versions",
    "Disable reporting if unable to upgrade",
    "Restrict report generation access to trusted users"
  ],
  "response": {
    "containment_measures": [
      "Disable reporting by adding xpack.reporting.enabled: false to kibana.yml",
      "Restrict report generation access to trusted users only"
    ],
    "remediation_measures": [
      "Upgrade to patched versions (7.17.29, 8.17.8, 8.18.3, or 9.0.3)"
    ]
  },
  "title": "Kibana Remote Code Execution Vulnerability (CVE-2025-2135)",
  "type": "Remote Code Execution (RCE)",
  "vulnerability_exploited": "CVE-2025-2135"
}