How severe is CVE-2025-20119?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6 out of 10.

What type of vulnerability is CVE-2025-20119?

This is classified as CWE-362, which is a common weakness in software security.

CVE-2025-20119

MEDIUM Year: 2025

CVSS v3 Score

6.0

Medium

Weakness Type

CWE-362

View all →

Vulnerability Description

A vulnerability in the system file permission handling of Cisco APIC could allow an authenticated, local attacker to overwrite critical system files, which could cause a DoS condition. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to a race condition with handling system files. An attacker could exploit this vulnerability by doing specific operations on the file system. A successful exploit could allow the attacker to overwrite system files, which could lead to the device being in an inconsistent state and cause a DoS condition.

CVE-2007-4774

MEDIUM

CVSS:5.9(Medium)

The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.

CWE-3622007

CVE-2010-0021

MEDIUM

CVSS:5.9(Medium)

Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to c...

CWE-3622010

CVE-2012-3552

MEDIUM

CVSS:5.9(Medium)

Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application...

CWE-3622012

CVE-2014-0245

MEDIUM

CVSS:5.9(Medium)

It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SO...

CWE-3622014

CVE-2015-6569

MEDIUM

CVSS:5.9(Medium)

Race condition in the LoadBalancer module in the Atlassian Floodlight Controller before 1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and thread crash) via a state...

CWE-3622015

CVE-2016-10027

MEDIUM

CVSS:5.9(Medium)

Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of clear...

CWE-3622016

CVE-2025-20119

Vulnerability Description

Related Vulnerabilities

CVE-2007-4774

CVE-2010-0021

CVE-2012-3552

CVE-2014-0245

CVE-2015-6569

CVE-2016-10027