Cybersecurity Vulnerabilities

HTCondor Under Attack: User Impersonation Vulnerability (CVE-2025-66433)

November 30, 2025 - By 

Overview

CVE-2025-66433 describes a medium-severity security vulnerability affecting HTCondor Access Point. Specifically, versions before 24.12.14, 25.0.3, and 25.3.1 are susceptible to user impersonation. An authenticated user can potentially impersonate other users on the same local machine by submitting a specifically crafted batch job. This vulnerability has been addressed in versions 24.12.14, 25.0.3, and 25.3.1. The earliest affected version is 24.7.3.

Technical Details

The vulnerability stems from insufficient validation of user identity during batch job submission within the HTCondor Access Point. An authenticated user can manipulate certain parameters within the job submission process to assume the identity of another local user. This allows the malicious user to potentially execute commands or access resources as the impersonated user.

CVSS Analysis

  • CVSS Score: 4.2 (Medium)
  • Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
  • Explanation: The vulnerability requires local access (AV:L) and low attack complexity (AC:L). It also requires the attacker to have low privileges (PR:L). No user interaction is required (UI:N). The scope is unchanged (S:U). Confidentiality and Integrity impact are low (C:L/I:L), while availability impact is none (A:N). This translates to an attacker with local access being able to potentially read and modify some data accessible to the impersonated user, but cannot prevent the impersonated user from accessing those same resources.

Possible Impact

Successful exploitation of CVE-2025-66433 could lead to:

  • Data Breach: An attacker could potentially access sensitive data belonging to the impersonated user.
  • Privilege Escalation: While the attacker initially has low privileges, they could use the impersonated identity to access resources and perform actions normally restricted to that user.
  • System Compromise: Depending on the privileges of the impersonated user, a more significant compromise of the system may be possible, although unlikely given the CVSS score.

Mitigation and Patch Steps

To mitigate the risk of CVE-2025-66433, it is highly recommended to upgrade HTCondor Access Point to one of the following versions or later:

  • 24.12.14
  • 25.0.3
  • 25.3.1

You can obtain the latest versions from the official HTCondor website and follow their upgrade instructions. Consider applying security patches promptly after release.

References

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.

Related Posts

CVE-2025-61932 Critical Remote Code Execution Vulnerability in LANSCOPE Endpoint Manager

CVE-2025-61932: Critical Remote Code Execution Vulnerability in LANSCOPE Endpoint Manager

October 23, 2025

Leave a Reply

Your email address will not be published. Required fields are marked *