Home > Vulnerability Database > CVE-2025-11561

Mend.io Vulnerability Database

CVE-2025-11561

Date: October 9, 2025

A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts.

Severity Score

8.8

Related Resources (25)

Url: https://access.redhat.com/errata/RHSA-2025:22529

Url: https://access.redhat.com/errata/RHSA-2025:21329

Url: https://access.redhat.com/errata/RHSA-2025:19854

Url: https://access.redhat.com/errata/RHSA-2025:19849

Url: https://access.redhat.com/errata/RHSA-2025:19847

Url: https://access.redhat.com/errata/RHSA-2025:19848

Url: https://access.redhat.com/errata/RHSA-2025:19859

Url: https://access.redhat.com/errata/RHSA-2025:20954

Url: https://access.redhat.com/errata/RHSA-2025:22548

Url: https://access.redhat.com/errata/RHSA-2025:21795

Url: https://access.redhat.com/errata/RHSA-2025:22256

Url: https://access.redhat.com/errata/RHSA-2025:21020

Url: https://blog.async.sg/kerberos-ldr

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2402727

Url: https://access.redhat.com/errata/RHSA-2025:22277

Url: https://access.redhat.com/errata/RHSA-2025:21067

Url: https://access.redhat.com/errata/RHSA-2025:22265

Url: https://access.redhat.com/security/cve/CVE-2025-11561

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-11561

Url: https://access.redhat.com/errata/RHSA-2025:19610

Url: https://access.redhat.com/errata/RHSA-2025:19852

Url: https://access.redhat.com/errata/RHSA-2025:19853

Url: https://access.redhat.com/errata/RHSA-2025:19850

Url: https://access.redhat.com/errata/RHSA-2025:19851

Url: https://www.mend.io/vulnerability-database/CVE-2025-11561

Severity Score

8.8

Weakness Type (CWE)

Improper Privilege Management

CWE-269

CVSS v3.1

Base Score:	8.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-11561

Date: October 9, 2025

Severity Score

Related Resources (25)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?