Low severityNVD Advisory· Published Sep 18, 2025· Updated Apr 15, 2026
CVE-2025-10650
CVE-2025-10650
Description
SoftIron HyperCloud 2.5.0 through 2.6.3 may incorrectly add user SSH keys to the administrator-level authorized keys under certain conditions, allowing unauthorized privilege escalation to admin via SSH. Affects non-production debug and internal development builds created between versions 2.5.0 and 2.6.3. No generally available (GA) or customer-released production builds were affected. There is no evidence that this issue was exposed in customer environments or production deployments.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: >=2.5.0 <=2.6.3
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.