CVE-2025-63909

HIGH SEVERITY

CVSS Score & Metrics

Base Score

7.2 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H                                    

Vulnerability Description

Incorrect access control in the component /opt/SRLtzm/bin/TapeDumper of Cohesity TranZman Migration Appliance Release 4.0 Build 14614 allows attackers to escalate privileges to root and read and write arbitrary files.

Vulnerability Details

Published Date

March 03, 2026

Last Modified

March 05, 2026

CWE ID

CWE-269

Source

NVD

Vendor

cohesity

Product

tranzman

External References

https://gist.github.com/GregDurys/d402038147e36de5908159d9722072ef
https://github.com/GregDurys/Cohesity-TranZman-CVEs

CVE-2025-63909

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment