MITRE Caldera security tool gets perfect 10 in insecurity
Briefly

A critical remote code execution vulnerability, CVE-2025-27364, has been discovered in MITRE's Caldera security training platform. It affects all versions since the 2017 release, and users are urged to upgrade to version 5.1.0 or later. The RCE vulnerability can be triggered easily in default configurations, because the dependencies it requires (Go, Python, and GCC) are commonly installed. The vulnerability allows an attacker to deploy malicious reverse shells, Manx and Sandcat agents, and exploit an unauthenticated API endpoint, making timely updates vital for users' security.
The max-severity vulnerability affects all versions of Caldera, including the very first ones released back in 2017, necessitating immediate updates for users to avoid exploitation.
Kulikowski highlighted that the RCE flaw can be triggered in most default configurations, increasing the risk for users who may not be aware of the vulnerability.
The vulnerability specifically involves deploying Manx and Sandcat agents, allowing attackers to control Caldera operations without valid credentials, because the API endpoint is unauthenticated.
Attackers can exploit this flaw using a specially crafted HTTPS request, which is deeply concerning given that many deployments will have the necessary dependencies installed.
Read at The Register