What is CVE-2025-5141?

CVE-2025-5141 is a medium-severity vulnerability in Fortra Core Privileged Access Manager (Boks), classified under Use of Cache Containing Sensitive Information. CVSS score: 5.5/10. Published 2025-06-17.

How severe is CVE-2025-5141?

Medium severity. CVSS v3 base score is 5.5 out of 10.

Is CVE-2025-5141 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Fortra Core Privileged Access Manager (Boks)

CVE-2025-5141

A binary in the BoKS Server Agent component of Fortra's Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) and also legacy tar installs of BoKS 7.2…

EPSS: 0.001 (22.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Fortra Core Privileged Access Manager (Boks) — versions 0

Weakness classification (CWE)

CWE-524 — Use of Cache Containing Sensitive Information

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

www.fortra.com/security/advisories/product-security/fi-2025-008

Frequently asked questions

What is CVE-2025-5141?: CVE-2025-5141 is a medium-severity vulnerability in Fortra Core Privileged Access Manager (Boks), classified under Use of Cache Containing Sensitive Information. CVSS score: 5.5/10. Published 2025-06-17.
How severe is CVE-2025-5141?: Medium severity. CVSS v3 base score is 5.5 out of 10.
Is CVE-2025-5141 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.