CVE-2025-6723 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Chef InSpec versions up to 5.23 and before 7.0.107 creates named pipes with overly permissive default Windows access controls. A local attacker may interfere wi…
Medium CVSS: 5.8

CVE-2025-6723

Chef InSpec versions up to 5.23 and before 7.0.107 creates named pipes with overly permissive default Windows access controls. A local attacker may interfere with the pipe connection process and exploit the insufficient access restrictions to assume the InSpec execution context, potentially resulting in elevated privileges or operational disruption.

This issue affects Chef Inspec: through 5.23 and before 7.0.107
Vendor
-
Product
-
CWE
CWE-269
Yayın Tarihi
2026-01-30 14:16:06
Güncelleme
2026-03-11 15:16:21
Source Identifier
security@progress.com
KEV Date Added
-

Kategoriler

CWE-269 MEDIUM 2026

Referanslar

https://docs.chef.io/inspec/