Cyber Posture

CVE-2022-41572

Critical

Published: 07 January 2025

Modified: 13 June 2025
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0024 (47.3rd percentile)
Risk Priority: 20 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-41572 is a critical-severity Incorrect Default Permissions (CWE-276) vulnerability in EyesOfNetwork (EON). Its CVSS base score is 9.8 (Critical).

Operationally, it ranks at the 47.3rd percentile by exploit likelihood (EPSS), which is below the median, and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and CM-6 (Configuration Settings).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) (AI)

prevent

AC-6 Least Privilege directly prevents privilege escalation by restricting nmap execution to non-root privileges, addressing the core issue of incorrect default permissions allowing root access.

prevent

CM-7 Least Functionality prohibits unnecessary root-level execution of tools like nmap, limiting system capabilities to essential functions and mitigating total server control.

prevent

CM-6 Configuration Settings enforces secure baseline configurations for permissions and execution contexts of nmap, remediating the default permissions flaw (CWE-276).

NVD Description

An issue was discovered in EyesOfNetwork (EON) through 5.3.11. Privilege escalation can be accomplished on the server because nmap can be run as root. The attacker achieves total control over the server.

Deeper analysis (AI)

CVE-2022-41572 is a privilege escalation vulnerability in EyesOfNetwork (EON) through version 5.3.11. The issue stems from the ability to run the nmap tool as the root user on the server, which allows attackers to achieve total control over the affected system. It has been assigned CWE-276 (Incorrect Default Permissions) and a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its high impact on confidentiality, integrity, and availability.

Remote attackers require no privileges or user interaction to exploit this vulnerability over the network with low complexity. Successful exploitation grants full root access to the server, enabling complete compromise including data exfiltration, modification, or destruction, as well as potential use as a pivot for further attacks.

Advisories and further details are available in the EyesOfNetworkCommunity GitHub issue at https://github.com/EyesOfNetworkCommunity/eonweb/issues/120 and the Orange Cyberdefense CVE repository at https://github.com/Orange-Cyberdefense/CVE-repository/, which discuss the flaw and potential mitigations such as restricting nmap execution privileges.

Details

CWE(s)

Affected Products

Vendor: eyesofnetwork; Product: eyesofnetwork; Versions: ≤ 5.3-11

CVEs Like This One

CVE-2025-24107 (Shared CWE-276)
CVE-2024-53841 (Shared CWE-276)
CVE-2024-11624 (Shared CWE-276)
CVE-2024-43166 (Shared CWE-276)
CVE-2021-47852 (Shared CWE-276)
CVE-2026-32983 (Shared CWE-276)
CVE-2024-53840 (Shared CWE-276)
CVE-2025-24172 (Shared CWE-276)
CVE-2025-24093 (Shared CWE-276)
CVE-2024-11468 (Shared CWE-276)
