CVE Catalog

CVE-2025-10230

CriticalCVSS 10.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Very high risk
39.68%

98th percentile - higher than 98% of all known CVEs

Summary

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active Directory Domain Controller's wins hook, allowing an unauthenticated network attacker to achieve remote command execution as the Samba process.

Risk Assessment

The organization is at risk of remote takeover of the Samba Domain Controller by an unauthenticated attacker, potentially leading to full compromise of the Active Directory domain and access to sensitive data.

Recommendation

Immediately update Samba to a version containing the fix for CVE-2025-10230 and verify whether the WINS hook is in use; if so, temporarily disable it until the update is applied.

Original NVD description (English source)

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active Directory Domain Controller’s wins hook, allowing an unauthenticated network attacker to achieve remote command execution as the Samba process.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS