Not Failing Securely ('Failing Open')

CVE-2025-41759

Medium

4.9/10

Summary

An administrator may attempt to block all networks by specifying "\*" or "all" as the network identifier. However, these values are not supported and do not trigger any validation error. Instead, they are silently interpreted as network 0 which results in no networks being blocked at all.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: HIGH
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-636 - Not Failing Securely ('Failing Open')

When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encryption algorithm or using the most permissive access control restrictions.

References

Advisory Timeline

Published Mar 09, 2026

Not Failing Securely ('Failing Open')

CVE-2025-41759

Summary

CWE-636 - Not Failing Securely ('Failing Open')

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS