Zabbix Agent 2 smartctl plugin RCE vulnerability in Zabbix 5.0.

7.3 / 10

HIGH

CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. In Zabbix 5.0 this allows for remote code execution.

Basic Information

ID CVE-2025-27234

Source Zabbix

Published Sep 12, 2025 at 10:31

Affected Product

Vendor Zabbix

Product Zabbix

Version 5.0.0

Affected Versions Zabbix Zabbix 5.0.0

CWE Classification

CWE-78

References

support.zabbix.com /browse/ZBX-26985

{
    "lastseen": "",
    "description": "Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. In Zabbix 5.0 this allows for remote code execution.",
    "published": "2025-09-12T10:31:58.770Z",
    "modified": "2025-09-12T10:31:58.770Z",
    "type": "cve",
    "title": "Zabbix Agent 2 smartctl plugin RCE vulnerability in Zabbix 5.0.",
    "source": "Zabbix",
    "references": "https://support.zabbix.com/browse/ZBX-26985",
    "id": "CVE-2025-27234",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78"
    ],
    "cvelist": null,
    "sourceData": "Zabbix Zabbix 5.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 7.3,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Zabbix",
    "version": "5.0.0",
    "vendor": "Zabbix",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Zabbix Agent 2 smartctl plugin RCE vulnerability in Zabbix 5.0._CVE-2025-27234