HCSEC-2025-14 - Privileged Vault Operator May Execute Code on the Underlying Host

Bulletin ID: HCSEC-2025-14
Affected Products / Versions: Vault Community Edition from 0.8.0 up to 1.20.0, fixed in 1.20.1.
Vault Enterprise from 0.8.0 up to 1.20.0, 1.19.6, 1.18.11, 1.16.22, 1.15.15, fixed in 1.20.1, 1.19.7, 1.18.12, and 1.16.23.

Publication Date: August 1, 2025

Summary
A privileged Vault operator within the root namespace with write permission to sys/audit may obtain code execution on the underlying host if a plugin directory is set in Vault’s configuration. This vulnerability, identified as CVE-2025-6000, is fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.

Background
Audit devices are the components in Vault that collectively keep a detailed log of all requests to Vault and their responses. They have a wide range of options, including the ability to provide a per-line prefix and to specify the location of the audit log on disk.

Some audit data fields are HMAC’d using a per-audit-device key, and the HMAC can be computed using the sys/audit-hash endpoint.

External plugins run as separate, standalone applications that Vault executes and communicates with over RPC. When you mount an external plugin, Vault spawns a new process or container to run the code.

Administrative namespaces grant a given namespace access to a pre-defined subset of privileged backend system endpoints in Vault.

Details
A malicious operator with write permissions to the sys/audit endpoint may use Vault’s file audit device to write arbitrary files to disk. When combined with the plugin registration and usage, this functionality may be used to execute arbitrary code on the underlying host.

Although the SHA256 digest of the file is required for execution and audit devices have a per-device HMAC key, it may be possible for a malicious operator to reproduce the exact contents of a given audit file and compute the hash with the help of sys/audit-hash.

Exploitation of this vulnerability requires write permissions to sys/audit within Vault’s root namespace.

This vulnerability cannot be exploited in HCP Vault Dedicated due to its use of administrative namespaces.

Remediation
The prefix option is now disabled by default for any new audit device and requires AllowAuditLogPrefixing to be set to true in Vault’s configuration. The audit log destination can no longer be set to the plugin directory.
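The following is an added example, not HashiCorp code, showing how an operator on a release that predates the fix can audit an existing deployment for the two conditions the remediation addresses: a file audit device whose file_path resolves inside plugin_directory, and any audit device with the prefix option set. It assumes the JSON shape produced by `vault audit list -detailed -format=json` (a map from mount path to an object with "type" and "options"), and the sample input is constructed for illustration.

```python
"""Configuration check for HCSEC-2025-14 (added example, not HashiCorp code).

Inputs assumed:
  * plugin_directory: the plugin_directory value from Vault's configuration
  * audit_list_json: output of `vault audit list -detailed -format=json`,
    assumed to map mount path -> {"type": ..., "options": {...}}
"""
import json
import os
from typing import Dict, List

# Constructed sample, shaped like `vault audit list -detailed -format=json`.
SAMPLE_AUDIT_LIST = json.dumps({
    "file/": {
        "type": "file",
        "description": "primary audit log",
        "options": {"file_path": "/var/log/vault/audit.log"},
    },
    "file-suspect/": {
        "type": "file",
        "description": "",
        "options": {
            # Path traversal that still lands inside the plugin directory.
            "file_path": "/opt/vault/plugins/../plugins/helper.log",
            "prefix": "vault-audit: ",
        },
    },
    "syslog/": {
        "type": "syslog",
        "description": "",
        "options": {"tag": "vault"},
    },
})

# Special file_path values of the file audit device that do not name a file.
NON_FILE_DESTINATIONS = {"stdout", "discard"}


def path_within(child: str, parent: str) -> bool:
    """True if `child` resolves to `parent` itself or a location beneath it.

    realpath collapses `..` segments and follows symlinks where the path
    exists, and commonpath compares whole path components, so a sibling such
    as /opt/vault/plugins-old is not mistaken for /opt/vault/plugins the way
    a naive str.startswith check would.
    """
    child_real = os.path.realpath(child)
    parent_real = os.path.realpath(parent)
    try:
        return os.path.commonpath([child_real, parent_real]) == parent_real
    except ValueError:  # paths on different drives (Windows)
        return False


def audit_findings(audit_list_json: str, plugin_directory: str) -> List[Dict[str, str]]:
    """Return one finding per risky setting across all enabled audit devices."""
    devices = json.loads(audit_list_json)
    findings: List[Dict[str, str]] = []
    for mount, device in devices.items():
        options = device.get("options") or {}
        if device.get("type") == "file":
            file_path = options.get("file_path", "")
            if file_path and file_path not in NON_FILE_DESTINATIONS \
                    and path_within(file_path, plugin_directory):
                findings.append({
                    "device": mount,
                    "issue": "file_path resolves inside plugin_directory",
                    "value": file_path,
                })
        if "prefix" in options:
            findings.append({
                "device": mount,
                "issue": "prefix option set",
                "value": options["prefix"],
            })
    return findings


if __name__ == "__main__":
    for finding in audit_findings(SAMPLE_AUDIT_LIST, "/opt/vault/plugins"):
        print(f"{finding['device']}: {finding['issue']} ({finding['value']!r})")
```

Run it against the real audit list by replacing SAMPLE_AUDIT_LIST with the command's output and plugin_directory with the configured value; any finding on a release before the fixed versions listed above is a reason to remove or relocate the device until the upgrade is done.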

Customers should evaluate the risk associated with this issue and consider upgrading to Vault Community Edition 1.20.1 or Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23. Please refer to Upgrading Vault for general guidance.

Acknowledgement
This issue was identified by Yarden Porat of Cyata Security who reported it to HashiCorp.

We deeply appreciate any effort to coordinate disclosure of security vulnerabilities. For information about security at HashiCorp and the reporting of security vulnerabilities, please see https://hashicorp.com/security.