Medium severity6.8NVD Advisory· Published Jul 9, 2025· Updated Apr 15, 2026

CVE-2025-27028

Description

The Linux deprivileged user vpuser in Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) can read the entire file system content, including files belonging to other users and having restricted access (like, for example, the root password hash).

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cvcn.gov.it/cvcn/cve/CVE-2025-27028nvd

News mentions

No linked articles in our index yet.

cvss	0.442
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000