{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-70888", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-28T01:23:35.847Z", "dateReserved": "2026-01-09T00:00:00.000Z", "datePublished": "2026-03-25T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-25T19:03:38.130Z"}, "descriptions": [{"lang": "en", "value": "An issue in mtrojnar Osslsigncode affected at v2.10 and before allows a remote attacker to escalate privileges via the osslsigncode.c component"}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/ralphje/signify/issues/60"}, {"url": "https://github.com/mtrojnar/osslsigncode/issues/475"}, {"url": "https://github.com/mtrojnar/osslsigncode/pull/477"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-269", "lang": "en", "description": "CWE-269 Improper Privilege Management"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-28T01:21:58.634740Z", "id": "CVE-2025-70888", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-28T01:23:35.847Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-70888", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-28T01:21:58.634740Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-28T01:23:30.188Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/ralphje/signify/issues/60"}, {"url": "https://github.com/mtrojnar/osslsigncode/issues/475"}, {"url": "https://github.com/mtrojnar/osslsigncode/pull/477"}], "descriptions": [{"lang": "en", "value": "An issue in mtrojnar Osslsigncode affected at v2.10 and before allows a remote attacker to escalate privileges via the osslsigncode.c component"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-25T19:03:38.130Z"}}}, "cveMetadata": {"cveId": "CVE-2025-70888", "state": "PUBLISHED", "dateUpdated": "2026-03-28T01:23:35.847Z", "dateReserved": "2026-01-09T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-25T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An issue in mtrojnar Osslsigncode affected at v2.10 and before allows a remote attacker to escalate privileges via the osslsigncode.c component"}, {"lang": "es", "value": "Un problema en mtrojnar Osslsigncode afectado en v2.10 y anteriores permite a un atacante remoto escalar privilegios a trav\u00e9s del componente osslsigncode.c"}], "id": "CVE-2025-70888", "lastModified": "2026-03-28T02:16:13.483", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T20:16:22.463", "references": [{"source": "[email protected]", "url": "https://github.com/mtrojnar/osslsigncode/issues/475"}, {"source": "[email protected]", "url": "https://github.com/mtrojnar/osslsigncode/pull/477"}, {"source": "[email protected]", "url": "https://github.com/ralphje/signify/issues/60"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "osslsigncode: Osslsigncode: Remote privilege escalation", "id": "2451443", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451443"}, "csaw": false, "cvss3": {"cvss3_base_score": "10.0", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-266", "details": ["A flaw was found in osslsigncode. A remote attacker can exploit an issue within the osslsigncode.c component to escalate privileges. This vulnerability allows an attacker to gain elevated access, potentially leading to unauthorized control over the affected system."], "name": "CVE-2025-70888", "public_date": "2026-03-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-70888\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-70888\nhttps://github.com/mtrojnar/osslsigncode/issues/475\nhttps://github.com/mtrojnar/osslsigncode/pull/477\nhttps://github.com/ralphje/signify/issues/60"], "statement": "This Critical flaw in osslsigncode allows a remote attacker to escalate privileges. However, Red Hat products are unaffected because they do not ship the package. Additionally, the vulnerable code is not present in the osslsigncode packages shipped with Fedora.", "threat_severity": "Critical"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,2.10]"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "osslsigncode", "vendor": "mtrojnar"}], "analysis": {"en": {"generated_at": "2026-03-26T04:00:00.095930+00:00", "value": {"mitigation_remediation": ["Upgrade to a newer release of Osslsigncode that is newer than v2.10 where the privilege escalation flaw has been fixed.", "Verify that the new release does not contain the vulnerability by checking the GitHub issue or pull request data.", "If an upgrade cannot be performed immediately, limit network exposure of the osslsigncode executable or remove it from the PATH to prevent remote exploitation.", "Continuously monitor the Osslsigncode repository and security advisories for updates or patches."], "summary": {"action": "Patch", "impact": "Remote privilege escalation"}, "threat_synthesis": {"affected_systems": "Osslsigncode, a code signing tool from mtrojnar, is affected in all releases version 2.10 and earlier. No specific vendor product names are listed in the CNA data, so the vulnerability applies to the OSSLsigncode code base shipped in those versions.", "description_and_impact": "The Osslsigncode tool, version 2.10 and earlier, contains a privilege escalation flaw in its osslsigncode.c component. A remote attacker can trigger the vulnerability to elevate their privileges on the system. This flaw is classified as CWE\u2011266, indicating an error in permission management that can allow unauthorized privilege escalation.", "risk_and_exploitability": "The CVSS score of 10.0 marks the flaw as critical, indicating that exploitation can lead to full system compromise. The EPSS score is not available, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. The attack vector is inferred to be remote, as the description explicitly states a remote attacker can elevate privileges. Because no authentication or privilege restrictions are mentioned, the vulnerability can likely be exploited without additional access, making it highly likely to be targeted by attackers."}}}}, "created": "2026-03-26T11:51:31.672672+00:00", "updated": "2026-03-26T12:18:35.116042+00:00", "vendors": ["mtrojnar", "mtrojnar$PRODUCT$osslsigncode"]}