Improper Isolation or Compartmentalization

CVE-2025-41688

High

7.2/10

Summary

A high privileged remote attacker can execute arbitrary OS commands using an undocumented method allowing to escape the implemented LUA sandbox.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: HIGH
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-653 - Improper Isolation or Compartmentalization

The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.

References

Advisory Timeline

Published Jul 31, 2025

Improper Isolation or Compartmentalization

CVE-2025-41688

Summary

CWE-653 - Improper Isolation or Compartmentalization

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS