Description


BullWall Server Intrusion Protection (SIP) services are initialized after login services. An authenticated attacker with administrative permissions can log in after boot and bypass MFA. The SIP service does not retroactively enforce the challenge or disconnect unauthenticated sessions. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected.

Related CPEs


Could not find any relations

Weaknesses



CWE-367

CVSS impact metrics


CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L

6.2 · Medium


Information


Source identifier

9119a7d8-5eab-497f-8521-727c672e3725

Vulnerability status

Awaiting analysis

Published

2025-12-18T21:15:54.383

Last modified

2025-12-19T18:00:18.330
