HashiCorp

A critical vulnerability in HashiCorp's Vault software, tracked as CVE-2025-6000, allows privileged operators to execute arbitrary code on underlying host systems. The flaw affects Vault versions from 0.8.0 up to 1.20.0 and has been patched in recent releases. Organizations are urged to immediately upgrade to fixed versions to mitigate the risk of exploitation.

Source: https://cybersecuritynews.com/critical-hashicorp-vulnerability/

TPRM report: https://scoringcyber.rankiteo.com/company/hashicorp

{
  "id": "has731080425",
  "linkid": "hashicorp",
  "type": "Vulnerability",
  "date": "8/2025",
  "severity": "100",
  "impact": "5",
  "explanation": "Attack threatening the organization's existence"
}

{
  "affected_entities": [
    {
      "industry": "Technology",
      "name": "HashiCorp",
      "type": "Software Company"
    }
  ],
  "attack_vector": "Privileged Vault operator access with write permissions to sys/audit endpoint",
  "date_detected": "2025-08-01",
  "description": "A critical HashiCorp security vulnerability affecting Vault Community Edition and Enterprise versions could allow privileged operators to execute arbitrary code on underlying host systems.",
  "impact": {
    "systems_affected": [
      "Vault Community Edition",
      "Vault Enterprise"
    ]
  },
  "post_incident_analysis": {
    "corrective_actions": [
      "Disable prefix option by default",
      "Prevent audit log destinations from targeting plugin directories"
    ],
    "root_causes": "Design flaw in Vault’s audit device functionality"
  },
  "recommendations": [
    "Upgrade to fixed versions",
    "Immediate patching"
  ],
  "response": {
    "remediation_measures": [
      "Disable prefix option",
      "Prevent audit log destinations from targeting plugin directories"
    ]
  },
  "title": "HashiCorp Vault RCE Vulnerability (CVE-2025-6000)",
  "type": "Vulnerability",
  "vulnerability_exploited": "CVE-2025-6000"
}