CVE-2022-35631

MEDIUM

Velociraptor <0.6.5.2 - Symlink Attack

Title source: llm

Description

On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable file name with a symlink to another file and have the Velociraptor client overwrite the other file. This issue was resolved in Velociraptor 0.6.5-2.

References (1)

[Mitigation, Patch, Vendor Advisory] https://www.rapid7.com/blog/post/2022/07/26/cve-2022-35629-35632-velociraptor-multiple-vulnerabilities-fixed/

Scores

CVSS v3 5.5

EPSS 0.0011

EPSS Percentile 28.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-377 CWE-59

Status published

Products (1)

rapid7/velociraptor < 0.6.5-2

Published Jul 29, 2022

Tracked Since Feb 18, 2026