MITRE Caldera dynamic compilation command injection
Added: 02/28/2025Background
MITRE Caldera is a security platform for emulating adversaries.Problem
The dynamic compilation functionality in the Manx and Sandcat agents is affected by an injection vulnerability which could allow remote command execution.Resolution
Upgrade to Caldera 5.1.0 or higher.References
https://medium.com/@mitrecaldera/mitre-caldera-security-advisory-remote-code-execution-cve-2025-27364-5f679e2e2a0ePlatforms
LinuxBack to exploit index