Request a Demo
Rewterz
Black Basta Ransomware – Active IOCs
July 30, 2025
Rewterz
Qilin Ransomware aka Agenda – Active IOCs
July 31, 2025

Multiple Elastic Beats Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-25011 CVSS:7

An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.

CVE-2025-0712 CVSS:7

An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.

Impact

  • Privilege Escalation

Indicators of Compromise

CVE

  • CVE-2025-25011

  • CVE-2025-0712

Affected Vendors

  • Elastic

Affected Products

  • Elastic Beats version 9.1.0

Remediation

Refer to Elastic Security Advisory for patch, upgrade, or suggested workaround information.

Elastic Security Advisory