CVE-2025-27021 – Infinera G42 Sudoers Configuration Memory Access Vulnerability

CVE ID : CVE-2025-27021

Published : July 2, 2025, 9:15 a.m. | 1 hour, 36 minutes ago

Description : The misconfiguration in the sudoers configuration of the operating system in
Infinera G42 version R6.1.3 allows low privileged OS users to
read/write physical memory via devmem command line tool.
This could
allow sensitive information disclosure, denial of service, and privilege
escalation by tampering with kernel memory.

Details: The output of “sudo -l” reports the presence of “devmem” command
executable as super user without using a password. This command allows
to read and write an arbitrary memory area of the target device,
specifying an absolute address.

Severity: 7.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…