Start your free trial today.

Protect your organization with cutting-edge cybersecurity solutions designed for resilience and efficiency. Secure your digital assets with confidence.

Your Shield Against Threats

Unleash the Power of Cybersecurity

Boost Your Security, Enhance Your Business

We solve Your Cyber Challenges

Quick Links

Resources

Deepaegis Portals

Traversal in Logpoint Layout Templates Allows Remote Code

CVSS SCORE:8.4

TLP:White

CVE ID:CVE-2025-54317

SEVERITY:Critical

Type: Path Traversal → Remote Code Execution

Vendor:Logpoint

Exploitable?Yes

Summary

A path traversal vulnerability in Logpoint before version 7.6.0 allows attackers with operator-level privileges to perform remote code execution (RCE).

Impact

This vulnerability can be exploited by authenticated attackers with operator privileges to traverse directories and execute arbitrary code on the system, potentially compromising the integrity, confidentiality, and availability of the host.

Affected Products

Logpoint SIEM

Affected Version: Versions before 7.6.0

CVSS Metrics

Source: NVD

version3.1

vectorStringCVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

baseScore8.4

baseSeverityHIGH

attackVectorNETWORK

attackComplexityLOW

privilegesRequiredHIGH

userInteractionREQUIRED

scopeCHANGED

confidentialityImpactHIGH

integrityImpactHIGH

availabilityImpactHIGH

CWE Information

Source: MITRE,Type: Primary

Action Information

Remediation: Upgrade Logpoint to version 7.6.0 or later, where this vulnerability has been patched. Limit operator-level access only to trusted users and monitor template creation activities.

Patch and Mitigation Information

Patch Information

Fixed in version 7.6.0

Temporary Fixes / Workarounds

Restrict operator access, disable template uploads if not required

Recommended Security Measures

Monitor usage of layout templates

Detection Methods

File integrity monitoring

Date Of Vendor Response

Not specified

Date Of Patch Release

Not specified

Additional Information

References

:https://servicedesk.logpoint.com/hc/en-us/articles/28685507675549-Path-Traversal-in-Layout-Templates-Allows-Remote-Code-Execution

Affected Organizations

No affected organizations specified

Confidentiality Notice

This document contains sensitive information. Unauthorized distribution is prohibited.

Vulnerability Advisory

Published 7/19/2025

Updated 7/18/2025