{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-62002","assignerOrgId":"9119a7d8-5eab-497f-8521-727c672e3725","state":"PUBLISHED","assignerShortName":"cisa-cg","dateReserved":"2025-10-07T14:33:04.481Z","datePublished":"2025-12-18T20:33:55.098Z","dateUpdated":"2026-01-15T19:51:15.560Z"},"containers":{"cna":{"descriptions":[{"lang":"en","value":"BullWall Ransomware Containment considers the number of files modified to trigger detection. An authenticated attacker could encrypt a single (possibly large) file without triggering detection if thresholds are configured to require multiple file changes. The number of files to trigger detection can be configured by the user. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 are affected. Other versions may also be affected."}],"affected":[{"vendor":"BullWall","product":"Ransomware Containment","defaultStatus":"unknown","versions":[{"version":"4.6.0.0","status":"affected","lessThan":"*","versionType":"custom"}]}],"problemTypes":[{"descriptions":[{"description":"CWE-358 Improperly Implemented Security Check for Standard","lang":"en","type":"CWE","cweId":"CWE-358"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":4.3,"attackVector":"NETWORK","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","integrityImpact":"LOW","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"LOW","confidentialityImpact":"NONE"}},{"cvssV4_0":{"version":"4.0","baseScore":5.3,"attackVector":"NETWORK","baseSeverity":"MEDIUM","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N","userInteraction":"NONE","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","subIntegrityImpact":"NONE","vulnIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","vulnConfidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-10-06T19:36:16.621284Z","id":"CVE-2025-62002","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"BullWall Ransomware Containment file count detection bypass","references":[{"name":"url","url":"https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-352-01.json","tags":["government-resource","third-party-advisory"]},{"name":"url","url":"https://www.cve.org/CVERecord?id=CVE-2025-62002","tags":["vdb-entry"]}],"credits":[{"value":"Alexander Nikolaj Fischer","lang":"en"}],"datePublic":"2025-12-18T00:00:00.000Z","providerMetadata":{"orgId":"9119a7d8-5eab-497f-8521-727c672e3725","shortName":"cisa-cg","dateUpdated":"2026-01-15T19:51:15.560Z"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-01-08T18:14:44.407193Z","id":"CVE-2025-62002","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-01-08T18:15:00.469Z"}}]}}