CVE-2025-7784

MEDIUM

Keycloak - Privilege Escalation

Title source: llm

Description

A flaw was found in the Keycloak identity and access management system when Fine-Grained Admin Permissions(FGAPv2) are enabled. An administrative user with the manage-users role can escalate their privileges to realm-admin due to improper privilege enforcement. This vulnerability allows unauthorized elevation of access rights, compromising the intended separation of administrative duties and posing a security risk to the realm.

References (4)

Scores

CVSS v3 6.5
EPSS 0.0001
EPSS Percentile 2.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Classification

CWE
CWE-269
Status published

Affected Products (2)

redhat/build_of_keycloak
org.keycloak/keycloak-services < 26.2.6Maven

Timeline

Published Jul 18, 2025
Tracked Since Feb 18, 2026