CVE-2025-2515
HIGH
Eclipse Foundation BlueChi < 1.0.0 - Authenticated Privilege Escalation via Systemd Service Unit File Manipulation
Title source: llm
Description
A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node (qm) to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized service execution, and potential system compromise.
References (5)
Core References
Issue Tracking: https://github.com/eclipse-bluechi/bluechi/issues/1069
Issue Tracking: https://github.com/eclipse-bluechi/bluechi/pull/1073
Vendor Advisory (vdb-entry, x_refsource_redhat): https://access.redhat.com/security/cve/CVE-2025-2515
Issue Tracking (issue-tracking, x_refsource_redhat): https://bugzilla.redhat.com/show_bug.cgi?id=2353313
Scores
CVSS v3: 7.2
EPSS: 0.0018
EPSS Percentile: 7.5%
Attack Vector: PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total
Details
CWE: CWE-863
Status: published
Products (1)
Eclipse Foundation/BlueChi: < 1.0.0
Published: Dec 24, 2025
Tracked Since: Feb 18, 2026