Key Information Vulnerability ID: #18570 Title: Inotify: do not override permissions in agent plugin Date: Sep 12, 2025 Severity: Trivial Change Category: Security Fix Compatibility: Incompatible - Manual interaction might be required Affected Versions: 2.4.0, 2.3.0, 2.2.0, <=2.1.0 (EOL) Description By overriding the umask value in the agent plugin, files written to have overly permissive permissions (-rw-rw-rw-), allowing any user write access. Impact Anyone who previously deployed the agent plugin may be affected. You can check if you are affected by running . Fix and Mitigation Fix: Install the agent with the updated plugin. Since you may also need to manually re-trigger the plugin to restart its process, this change is considered incompatible. Mitigation: You can mitigate this by baking the agent and deploying the fix, or by manually modifying the deployed agent by removing at line 125 in . After applying the fix, the agent must be restarted. Indicators of Compromise Check the permissions of log files by running . If any file has (-rw-rw-rw-) permissions, you should redeploy the agent with the fix. Vulnerability Management This issue has been rated with a CVSS score of 4.8 (Medium) and assigned CVE-2025-64996.