← back
CVE-2025-62002

BullWall Ransomware Containment file count detection bypass

CVSS 5.3 MEDIUMEPSS 0.3%CWE-358
BullWall Ransomware Containment considers the number of files modified to trigger detection. An authenticated attacker could encrypt a single (possibly large) file without triggering detection if thresholds are configured to require multiple file changes. The number of files to trigger detection can be configured by the user. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 are affected. Other versions may also be affected.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Affected products
BullWall · Ransomware Containment

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-352-01.jsonhttps://www.cve.org/CVERecord?id=CVE-2025-62002