CVE ID : CVE-2025-27021
Published : July 2, 2025, 9:15 a.m. | 27 minutes ago
Description : The misconfiguration in the sudoers configuration of the operating system in
Infinera G42 version R6.1.3 allows low privileged OS users to
read/write physical memory via devmem command line tool.
This could
allow sensitive information disclosure, denial of service, and privilege
escalation by tampering with kernel memory.
Details: The output of “sudo -l” reports the presence of “devmem” command
executable as super user without using a password. This command allows
to read and write an arbitrary memory area of the target device,
specifying an absolute address.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Source: Read More