RCE in Cato Networks Socket

CVE-2025-14213

Cato Networks’ Socket versions prior to 25 contain a command injection vulnerability that allows an authenticated attacker with access to the Socket web interface (UI) to execute arbitrary operating system commands as the root user on the…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.004 (63.9th percentile) — read the EPSS interpretation.