Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2025-61909

Good to know:

icon
icon

Date: October 16, 2025

Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script (also used during systemctl reload icinga2) and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user, but send the signal as the root user. This can allow the Icinga user to send signals to processes it would otherwise not permitted to. A fix is included in the following Icinga 2 versions: 2.15.1, 2.14.7, and 2.13.13.

Severity Score

Related Resources (6)

https://nvd.nist.gov/vuln/detail/CVE-2025-61909
https://github.com/Icinga/icinga2/issues/10527
https://github.com/Icinga/icinga2/commit/51ec73cbd922a76fc0f60e1d8d33acd7caa5d587
https://github.com/Icinga/icinga2/security/advisories/GHSA-pg6g-g99v-mw46
https://icinga.com/blog/releasing-icinga-2-v2-15-1-2-14-7-and-2-13-13-and-icinga-db-web-v1-2-3-and-1-1-4
https://www.mend.io/vulnerability-database/CVE-2025-61909

Weakness Type (CWE)

Execution with Unnecessary Privileges

CWE-250

Top Fix

icon

Upgrade Version

Upgrade to version https://github.com/Icinga/icinga2.git - v2.13.13

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): HIGH
User Interaction (UI): NONE
Scope (S): CHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): NONE

Do you need more information?

Contact Us