CVE-2025-1244
Published: 12 February 2025
Summary
CVE-2025-1244 is a high-severity OS Command Injection (CWE-78) vulnerability in GNU Emacs (vendor inferred from references). Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked in the top 17.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).
Deeper analysis
A command injection vulnerability, tracked as CVE-2025-1244 and assigned CWE-78, affects the Emacs text editor. The flaw permits execution of arbitrary shell commands and carries a CVSS 3.1 score of 8.8, reflecting a network attack vector, low attack complexity, no required privileges, and a user-interaction requirement, while still resulting in full confidentiality, integrity, and availability impact.
An unauthenticated remote attacker can exploit the issue by persuading a user to visit a malicious website or an HTTP URL that issues a redirect, causing Emacs to process attacker-controlled input and execute commands on the victim's system.
Red Hat has published multiple errata (RHSA-2025:1915, RHSA-2025:1917, RHSA-2025:1961, RHSA-2025:1962, and RHSA-2025:1963) that address the flaw; applying the corresponding package updates is the indicated mitigation.
EPSS remains flat at 0.0175 with no recorded rise after disclosure, and no evidence of in-the-wild exploitation is provided in the available data.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-2098
Vulnerability details
A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect.
- CWE(s): CWE-78 (OS Command Injection)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
CVE enables client-side exploitation of Emacs via malicious URL to achieve Unix shell command execution.
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): Directly mitigates CVE-2025-1244 by requiring timely patching of the command injection vulnerability in Emacs as provided in vendor errata such as RHSA-2025:1915.
- RA-5 (Vulnerability Monitoring and Scanning): Vulnerability scanning detects the presence of vulnerable Emacs versions, enabling proactive remediation before remote exploitation via crafted websites or URLs.
- SI-5 (Security Alerts, Advisories, and Directives): Monitors and disseminates security alerts and advisories about CVE-2025-1244, ensuring awareness and timely action on available patches for the Emacs command injection flaw.