CVE-2025-55013 MEDIUM

CVE-2025-55013: Assemblyline 4 Service Client: Arbitrary Write through path traversal in Client code

Vendor Cybercentrecanada

Product assemblyline

Weakness CWE-23

Published August 9, 2025

Last update August 12, 2025

View on NVD All CVEs

CVSS base score

4.2/10

Attack vector Adjacent

Attack complexity High

Privileges required None

User interaction None

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

The Assemblyline 4 Service Client interfaces with the API to fetch tasks and publish the result for a service in Assemblyline 4. In versions below 4.6.1.dev138, the Assemblyline 4 Service Client (task_handler.py) accepts a SHA-256 value returned by the service server and uses it directly as a local file name.A malicious or compromised server (or any MITM that can speak to client) can return a path-traversal payload such as `../../../etc/cron.d/evil` and force the client to write the downloaded bytes to an arbitrary location on disk. This is fixed in version 4.6.1.dev138.

Key dates

02Disclosure timeline

August 9, 2025 CVE published

August 12, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-55013

Related vulnerabilities

CVE-2025-55013: Assemblyline 4 Service Client: Arbitrary Write through path traversal in Client code

01Description

02Disclosure timeline

03References

04Related CVE