CVE-2025-43001 – SAPCAR Privilege Escalation Directory Traversal

CVE ID : CVE-2025-43001

Published : July 8, 2025, 1:15 a.m. | 2 hours ago

Description : SAPCAR allows an attacker logged in with high privileges to override the permissions of the current and parent directories of the user or process extracting the archive, leading to privilege escalation. On successful exploitation, an attacker could modify the critical files by tampering with signed archives without breaking the signature, but it has a low impact on the confidentiality and availability of the system.

Severity: 6.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…