CVE-2025-27028 – Radiflow iSAP Smart Collector Linux Privilege Escalation

CVE ID : CVE-2025-27028

Published : July 9, 2025, 9:15 a.m. | 49 minutes ago

Description : The Linux deprivileged user vpuser in Radiflow iSAP Smart Collector (CentOS 7 – VSAP 1.20) can read the entire file system content, including files belonging to other users and having restricted access (like, for example, the root password hash).

Severity: 6.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…