CVE-2025-8432
Published: 27 October 2025
Summary
CVE-2025-8432 is a high-severity Incorrect Default Permissions (CWE-276) vulnerability in Centreon Infra Monitoring (inferred from references). Its CVSS base score is 8.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Services File Permissions Weakness (T1574.010); ranked in the top 22.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and CM-6 (Configuration Settings).
Deeper analysis
CVE-2025-8432 is an Incorrect Default Permissions vulnerability, tracked under CWE-276, that affects the MBI modules within Centreon Infra Monitoring. It permits the CentreonBI user account on the MBI server to embed scripts within scripts. The flaw impacts versions 24.10.0 before 24.10.6, 24.04.0 before 24.04.9, and 23.10.0 before 23.10.15, and carries a CVSS 3.1 score of 8.4.
An attacker with high privileges who can authenticate as the CentreonBI account may leverage the permission misconfiguration to inject and execute arbitrary scripts. Because the vulnerability is network-reachable with low attack complexity and requires user interaction, successful exploitation can result in full compromise of confidentiality, integrity, and availability on the affected server with changed scope.
Centreon has published fixes in the referenced releases and corresponding security bulletin, directing administrators to upgrade the affected Infra Monitoring versions to 24.10.6, 24.04.9, or 23.10.15 or later. The associated GitHub release notes provide the updated packages.
EPSS scores for this CVE remain low, with a current value of 0.0103 and a peak of 0.0107.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-36152
Vulnerability details
Incorrect Default Permissions vulnerability in Centreon Infra Monitoring (MBI modules) allows Embedding Scripts within Scripts by CentreonBI user account on the MBI server This issue affects Infra Monitoring: from 24.10.0 before 24.10.6, from 24.04.0 before 24.04.9, from 23.10.0 before 23.10.15.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Incorrect default permissions (CWE-276) enable a high-privileged CentreonBI user to embed scripts within scripts, facilitating abuse of file system permissions weaknesses (T1044) and execution via command and scripting interpreters (T1059).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Timely flaw remediation through patching affected Centreon Infra Monitoring versions directly eliminates the incorrect default permissions vulnerability.
Least privilege enforcement restricts the high-privilege CentreonBI user account from embedding scripts within scripts.
Secure configuration settings ensure default permissions for MBI modules do not allow unauthorized script embedding.