Unrated severityNVD Advisory· Published Dec 18, 2025· Updated Jan 15, 2026

BullWall Ransomware Containment hard-coded folder exclusions

CVE-2025-62001

Description

BullWall Ransomware Containment supports configurable file and directory exclusions such as '$RECYCLE.BIN' to balance monitoring scope and performance. Certain exclusion patterns could allow an authenticated attacker to rename directories in a way that avoids monitoring. Fixed in 4.6.1.14 and 5.0.0.42, which remove hardcoded exclusion behavior and exposes exclusion handling as configurable settings.

Affected products

BullWall/Ransomware Containmentllm-fuzzy
Range: <4.6.1.14, <5.0.0.42
BullWall/Ransomware Containmentv5
Range: 4.6.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-352-01.jsonmitregovernment-resourcethird-party-advisory
www.cve.org/CVERecordmitrevdb-entry

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000