Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-64996— Overly broad file permissions in the mk_inotify plugin allows reading and manipulating the plugin's output

EPSS 0.02% · P4
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-64996

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Overly broad file permissions in the mk_inotify plugin allows reading and manipulating the plugin's output
Source: NVD (National Vulnerability Database)
Vulnerability Description
In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mk_inotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin's output and manipulate it, potentially leading to unauthorized access to or modification of monitoring data.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
关键资源的不正确权限授予
Source: NVD (National Vulnerability Database)
Vulnerability Title
Checkmk 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Checkmk是Checkmk公司的一个 IT 监控平台。 Checkmk 2.4.0p16之前版本、2.3.0p41之前版本和2.2.0及之前所有版本存在安全漏洞,该漏洞源于mk_inotify插件创建全局可读写文件,可能导致未经授权的访问或修改监控数据。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Checkmk GmbHCheckmk 2.4.0 ~ 2.4.0p16 -

II. Public POCs for CVE-2025-64996

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-64996

登录查看更多情报信息。

Same Patch Batch · Checkmk GmbH · 2025-11-18 · 3 CVEs total

CVE-2025-58121Insufficient permission validation on multiple REST API endpoints
CVE-2025-58122Insufficient permission validation when configuring notification parameters

IV. Related Vulnerabilities

Same product: Checkmk
Same vendor: Checkmk GmbH
Same weakness: CWE-732

V. Comments for CVE-2025-64996

No comments yet

Leave a comment