Werk #17985: jar_signature: Fix privilege escalation via insecure JAVA_HOME path handling

Component: Checks & agents
Title: jar_signature: Fix privilege escalation via insecure JAVA_HOME path handling
Date: Apr 28, 2025
Level: Trivial Change
Class: Security Fix
Compatibility: Compatible - no manual interaction needed

Checkmk versions & editions:

  • 2.5.0b1 (not yet released): Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk Cloud (CCE), Checkmk MSP (CME)
  • 2.4.0: Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk Cloud (CCE), Checkmk MSP (CME)
  • 2.3.0p32: Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk Cloud (CCE), Checkmk MSP (CME)
  • 2.2.0p42: Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk Cloud (CCE), Checkmk MSP (CME)

The jar_signature agent plugin (configured by the "Signatures of certificates in JAR files" bakery rule) prepends JAVA_HOME/bin to the PATH environment variable before invoking its commands. Because the plugin runs as root, a user with write permission to that directory could place malicious scripts there under the names of legitimate commands and have them executed as root.
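The defensive alternative to prepending JAVA_HOME/bin to PATH is to verify that the directory is trustworthy for the user running the plugin and then invoke the tool by absolute path. The POSIX sh functions below are an added example, not Checkmk's plugin code; they assume GNU coreutils `stat`, and the tool name `jarsigner` is only an assumed example of what such a plugin would call.

```shell
# Return 0 if DIR is safe to take executables from when running as the
# current user (root when the agent runs the plugin): it must be a real
# directory (not a symlink), owned by the current user, and neither
# group- nor world-writable. Otherwise return 1.
trusted_bin_dir() {
    dir=$1
    [ -L "$dir" ] && return 1
    [ -d "$dir" ] || return 1
    # GNU stat (assumption): numeric owner uid and octal mode, e.g. "0 755".
    info=$(stat -c '%u %a' "$dir") || return 1
    owner=${info% *}
    mode=${info#* }
    [ "$owner" = "$(id -u)" ] || return 1
    # Keep the last two octal digits: group and other permission bits.
    tail2=${mode#"${mode%??}"}
    group=${tail2%?}
    other=${tail2#?}
    # An octal digit with the write bit (2) set is one of 2, 3, 6, 7.
    case $group in 2|3|6|7) return 1 ;; esac
    case $other in 2|3|6|7) return 1 ;; esac
    return 0
}

# Resolve TOOL (e.g. jarsigner) under JAVA_HOME/bin without touching PATH.
# Prints the absolute path and returns 0, or prints nothing and returns 1
# if the directory is untrusted or the tool is missing/not executable.
resolve_java_tool() {
    java_home=$1
    tool=$2
    bindir="$java_home/bin"
    trusted_bin_dir "$bindir" || return 1
    [ -f "$bindir/$tool" ] && [ -x "$bindir/$tool" ] || return 1
    printf '%s\n' "$bindir/$tool"
}

# Usage inside a plugin: tool=$(resolve_java_tool "$JAVA_HOME" jarsigner) || exit 1
# then run "$tool" -verify ... instead of relying on PATH lookup.
```

A directory that fails the check should make the plugin refuse to run rather than fall back to whatever is on PATH.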

Affected Versions:

  • 2.4.0 (beta)
  • 2.3.0
  • 2.2.0
  • 2.1.0 (EOL)

Vulnerability Management:

We have rated the issue with a CVSS score of 5.2 (medium) with the following CVSS vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H, and assigned CVE-2025-32917.
