A critical remote code execution (RCE) vulnerability (CVE-2025-27364) in MITRE Caldera poses significant risks of system compromise, potentially allowing unauthenticated attackers full control over affected systems. This vulnerability can be combined with another flaw in Parallels Desktop (CVE-2024-34331) to elevate the risks further. Security teams are urged to prioritize immediate threat detection and mitigation strategies in light of the increased prevalence of weaponized vulnerabilities.
Affected: MITRE Caldera, Parallels Desktop
Key points:
- Discovery of a max-severity RCE vulnerability (CVE-2025-27364) in MITRE Caldera.
- This vulnerability is rated with a CVSS score of 10.0.
- The flaw can be exploited without authentication by injecting malicious code into the agent compilation process.
- CVE-2025-27364 becomes more dangerous when chained with CVE-2024-34331 in Parallels Desktop.
- Successful exploitation can lead to unauthorized access and data breaches.
- The SOC Prime Platform offers tools for proactive threat detection related to weaponized CVEs.
- Updating to version 5.1.0 or later mitigates the risk.
- Users should implement network segmentation and monitor API activities to detect unusual behavior.
MITRE Techniques:
- TA0001 – Initial Access: Exploiting CVE-2025-27364 enables attackers to gain initial access.
- T1592.001 – Extracting information from APIs: CVE-2025-27364 allows compromise through the API.
- T1203 – Exploitation for Client Execution: The flaw abuses the server's ability to compile dynamic agents.
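The two closing recommendations (network segmentation and monitoring of API activity) applied to the agent-compile path named in the technique list, as an added detection example; this is not code from the SOC Prime post or from the Caldera project, and the endpoint path, log format and segment ranges are assumptions chosen for illustration.

```python
"""Flag Caldera agent-compile API calls that bypass the expected controls."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumed: management segments permitted to reach the Caldera API (the
# network-segmentation recommendation). Constructed values, not real ones.
ALLOWED_SEGMENTS = [ip_network("10.10.0.0/24")]
# Assumed endpoint name for the dynamic-agent compile API; substitute the
# real path from the deployment's own Caldera documentation.
COMPILE_PATH = "/api/v2/agents/compile"

# Constructed log lines: "<timestamp> <src_ip> <method> <path> <status> <auth>".
SAMPLE_LOG = """\
2025-02-25T10:01:02Z 10.10.0.5 POST /api/v2/agents/compile 200 key
2025-02-25T10:01:07Z 203.0.113.9 POST /api/v2/agents/compile 200 none
2025-02-25T10:01:09Z 203.0.113.9 POST /api/v2/agents/compile 200 none
2025-02-25T10:02:00Z 10.10.0.7 GET /api/v2/operations 200 key
2025-02-25T10:03:30Z 198.51.100.4 POST /api/v2/agents/compile 401 none
"""


@dataclass(frozen=True)
class Alert:
    timestamp: str
    src_ip: str
    reason: str


def parse_line(line):
    ts, src, method, path, status, auth = line.split()
    return {"ts": ts, "src": src, "method": method, "path": path,
            "status": int(status), "auth": auth}


def detect(log_text):
    """Return alerts for compile requests that succeeded without a credential
    (the unauthenticated path the CVE describes) or that came from outside
    the allowed segments. Non-2xx requests are skipped: the control held,
    although a burst of them still merits review."""
    alerts = []
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        rec = parse_line(raw)
        if rec["path"] != COMPILE_PATH or not 200 <= rec["status"] < 300:
            continue
        src = ip_address(rec["src"])
        if rec["auth"] == "none":
            alerts.append(Alert(rec["ts"], rec["src"], "compile succeeded without credential"))
        if not any(src in net for net in ALLOWED_SEGMENTS):
            alerts.append(Alert(rec["ts"], rec["src"], "compile from outside allowed segment"))
    return alerts


if __name__ == "__main__":
    for a in detect(SAMPLE_LOG):
        print(f"{a.timestamp} {a.src_ip}: {a.reason}")
```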
Indicators of Compromise:
- [URL] http://malicious.com/path
- [URL] https://example.com
- [Domain] malicious.com
- [IP Address] 192.168.1.1
- [Email Address] attacker@example.com
Full Story: https://socprime.com/blog/cve-2025-27364-rce-vulnerability-in-mitre-caldera/