CVE-2025-27090

Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the operator instructed the implant to do so. The only impact that has been shown is the exposure of the server's IP address to a third party. This issue has been addressed in version 1.5.43 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/BishopFox/sliver/commit/0f340a25cf3d496ed870dae7da39eab4427bc16f	Patch
https://github.com/BishopFox/sliver/commit/10e245326070c6a5884a02e0790bb7e2baefb3a1	Patch
https://github.com/BishopFox/sliver/security/advisories/GHSA-fh4v-v779-4g2w	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:bishopfox:sliver:*:*:*:*:*:*:*:*

History

27 Feb 2025, 20:18

Type	Values Removed	Values Added
First Time		Bishopfox Bishopfox sliver
References	~~() https://github.com/BishopFox/sliver/commit/0f340a25cf3d496ed870dae7da39eab4427bc16f -~~	() https://github.com/BishopFox/sliver/commit/0f340a25cf3d496ed870dae7da39eab4427bc16f - Patch
References	~~() https://github.com/BishopFox/sliver/commit/10e245326070c6a5884a02e0790bb7e2baefb3a1 -~~	() https://github.com/BishopFox/sliver/commit/10e245326070c6a5884a02e0790bb7e2baefb3a1 - Patch
References	~~() https://github.com/BishopFox/sliver/security/advisories/GHSA-fh4v-v779-4g2w -~~	() https://github.com/BishopFox/sliver/security/advisories/GHSA-fh4v-v779-4g2w - Exploit, Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.3
Summary		(es) Sliver es una emulación adversaria cruzada de código abierto/equipo rojo framework, las organizaciones de todos los tamaños pueden utilizar las pruebas de seguridad. El reenvío de puerto inverso en Sliver TeamServer permite al implante abrir un túnel inverso en el servidor de equipos de Sliver sin verificar si el operador instruyó al implante que lo hiciera. El único impacto que se ha demostrado es la exposición de la dirección IP del servidor a un tercero. Este problema se ha abordado en la versión 1.5.43 y se recomienda a todos los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad.
CPE		cpe:2.3:a:bishopfox:sliver::::::::

19 Feb 2025, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-19 22:15

Updated : 2025-02-27 20:18

NVD link : CVE-2025-27090

Mitre link : CVE-2025-27090

CVE.ORG link : CVE-2025-27090

JSON object : View

Products Affected

bishopfox

sliver

CWE

CWE-918

Server-Side Request Forgery (SSRF)

5.3 /10