Vulnerability in Red Hat Enterprise Linux 10
CVE-2025-7493
A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version ad…
EPSS: 0.005 (40.4th percentile).
CVSS v3 metric
CVSS v3 base score 9.1 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H.
Affected products
- Red Hat Enterprise Linux 10 — versions 0:4.12.2-15.el10_0.4
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 7 Extended Lifecycle Support — versions 0:4.6.8-5.el7_9.23
- Red Hat Enterprise Linux 8 — versions 8100020250919180242.143e9e98, 8100020250918211722.823393f5
- Red Hat Enterprise Linux 8.2 Advanced Update Support — versions 8020020250924110056.50ea30f9, 8020020250924104944.792f4060
- Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support — versions 8040020250923180004.f153676a, 8040020250923175408.5b01ab7e
- Red Hat Enterprise Linux 8.4 Extended Update Support Long-life Add-on — versions 8040020250923180004.f153676a, 8040020250923175408.5b01ab7e
- Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support — versions 8060020250916172436.c1533a64, 8060020250916174421.ada582f1
- Red Hat Enterprise Linux 8.6 Telecommunications Update Service — versions 8060020250916172436.c1533a64, 8060020250916174421.ada582f1
- Red Hat Enterprise Linux 8.6 Update Services For Sap Solutions — versions 8060020250916172436.c1533a64, 8060020250916174421.ada582f1
Weakness classification (CWE)
Public proof-of-concept exploits
References
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)
Frequently asked questions
- What is CVE-2025-7493?
- CVE-2025-7493 is a critical-severity vulnerability in Red Hat Enterprise Linux 10, classified under CWE-1220. CVSS score: 9.1/10. Published 2025-09-30.
- How severe is CVE-2025-7493?
- Critical severity. CVSS v3 base score is 9.1 out of 10.
- Is CVE-2025-7493 known to be exploited?
- 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.