Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2025-32793

Good to know:

icon

Date: April 21, 2025

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.15.0 to 1.15.15, 1.16.0 to 1.16.8, and 1.17.0 to 1.17.2, are vulnerable when using Wireguard transparent encryption in a Cilium cluster, packets that originate from a terminating endpoint can leave the source node without encryption due to a race condition in how traffic is processed by Cilium. This issue has been patched in versions 1.15.16, 1.16.9, and 1.17.3. There are no workarounds available for this issue.

Severity Score

Related Resources (6)

https://github.com/cilium/cilium/pull/38592
https://github.com/cilium/cilium
https://nvd.nist.gov/vuln/detail/CVE-2025-32793
https://github.com/cilium/cilium/commit/e8543eef05126e9ba8a845dc74e96f4e30f6dba9
https://github.com/cilium/cilium/security/advisories/GHSA-5vxx-c285-pcq4
https://www.mend.io/vulnerability-database/CVE-2025-32793

Severity Score

Weakness Type (CWE)

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-362

Cleartext Transmission of Sensitive Information

CWE-319

Top Fix

icon

Upgrade Version

Upgrade to version github.com/cilium/cilium - v1.15.16;github.com/cilium/cilium - v1.16.9;github.com/cilium/cilium - v1.17.3;https://github.com/cilium/cilium.git - v1.15.16;https://github.com/cilium/cilium.git - v1.16.9;https://github.com/cilium/cilium.git - v1.17.3

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): CHANGED
Confidentiality (C): LOW
Integrity (I): NONE
Availability (A): NONE

Do you need more information?

Contact Us