Unrated severityNVD Advisory· Published Dec 18, 2025· Updated Jan 15, 2026

BullWall Ransomware Containment file count detection bypass

CVE-2025-62002

Description

BullWall Ransomware Containment considers the number of files modified to trigger detection. An authenticated attacker could encrypt a single (possibly large) file without triggering detection if thresholds are configured to require multiple file changes. The number of files to trigger detection can be configured by the user. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 are affected. Other versions may also be affected.

Affected products

BullWall/Ransomware Containmentllm-create
Range: 4.6.0.0, 4.6.0.6, 4.6.0.7, 4.6.1.4
BullWall/Ransomware Containmentv5
Range: 4.6.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-352-01.jsonmitregovernment-resourcethird-party-advisory
www.cve.org/CVERecordmitrevdb-entry

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000