CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-13428

A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user with an "IDE role" to achieve Remote Code Execution (RCE) in the server. The flaw stemmed from weak validation of uploaded Python package code. An attacker could upload a package containing a malicious setup.py file, which would execute on the server during the installation process, leading to potential server compromise. No customer action is required. All customers have been automatically upgraded to the fixed version: 6.3.64 or higher.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.8%

CVSS Severity

CVSS v3 Score 7.2

References

https://cloud.google.com/support/bulletins#gcp-2025-075

Products affected by CVE-2025-13428

Google » Security Operations Soar » Version: 6.2.30

cpe:2.3:a:google:security_operations_soar:6.2.30
Google » Security Operations Soar » Version: 6.2.31

cpe:2.3:a:google:security_operations_soar:6.2.31
Google » Security Operations Soar » Version: 6.2.32

cpe:2.3:a:google:security_operations_soar:6.2.32
Google » Security Operations Soar » Version: 6.2.33

cpe:2.3:a:google:security_operations_soar:6.2.33
Google » Security Operations Soar » Version: 6.2.34

cpe:2.3:a:google:security_operations_soar:6.2.34
Google » Security Operations Soar » Version: 6.2.35

cpe:2.3:a:google:security_operations_soar:6.2.35
Google » Security Operations Soar » Version: 6.2.36

cpe:2.3:a:google:security_operations_soar:6.2.36
Google » Security Operations Soar » Version: 6.2.37

cpe:2.3:a:google:security_operations_soar:6.2.37
Google » Security Operations Soar » Version: 6.2.38

cpe:2.3:a:google:security_operations_soar:6.2.38
Google » Security Operations Soar » Version: 6.2.39

cpe:2.3:a:google:security_operations_soar:6.2.39
Google » Security Operations Soar » Version: 6.2.40

cpe:2.3:a:google:security_operations_soar:6.2.40
Google » Security Operations Soar » Version: 6.2.41

cpe:2.3:a:google:security_operations_soar:6.2.41
Google » Security Operations Soar » Version: 6.2.42

cpe:2.3:a:google:security_operations_soar:6.2.42
Google » Security Operations Soar » Version: 6.2.43

cpe:2.3:a:google:security_operations_soar:6.2.43
Google » Security Operations Soar » Version: 6.2.44

cpe:2.3:a:google:security_operations_soar:6.2.44
Google » Security Operations Soar » Version: 6.2.45

cpe:2.3:a:google:security_operations_soar:6.2.45
Google » Security Operations Soar » Version: 6.2.46

cpe:2.3:a:google:security_operations_soar:6.2.46
Google » Security Operations Soar » Version: 6.2.47

cpe:2.3:a:google:security_operations_soar:6.2.47
Google » Security Operations Soar » Version: 6.2.48

cpe:2.3:a:google:security_operations_soar:6.2.48
Google » Security Operations Soar » Version: 6.2.49

cpe:2.3:a:google:security_operations_soar:6.2.49
Google » Security Operations Soar » Version: 6.2.5.0

cpe:2.3:a:google:security_operations_soar:6.2.5.0
Google » Security Operations Soar » Version: 6.2.50

cpe:2.3:a:google:security_operations_soar:6.2.50
Google » Security Operations Soar » Version: 6.2.51

cpe:2.3:a:google:security_operations_soar:6.2.51
Google » Security Operations Soar » Version: 6.2.52

cpe:2.3:a:google:security_operations_soar:6.2.52
Google » Security Operations Soar » Version: 6.2.53

cpe:2.3:a:google:security_operations_soar:6.2.53
Google » Security Operations Soar » Version: 6.2.54

cpe:2.3:a:google:security_operations_soar:6.2.54
Google » Security Operations Soar » Version: 6.3.0

cpe:2.3:a:google:security_operations_soar:6.3.0
Google » Security Operations Soar » Version: 6.3.1

cpe:2.3:a:google:security_operations_soar:6.3.1
Google » Security Operations Soar » Version: 6.3.10

cpe:2.3:a:google:security_operations_soar:6.3.10
Google » Security Operations Soar » Version: 6.3.11

cpe:2.3:a:google:security_operations_soar:6.3.11
Google » Security Operations Soar » Version: 6.3.12

cpe:2.3:a:google:security_operations_soar:6.3.12
Google » Security Operations Soar » Version: 6.3.13

cpe:2.3:a:google:security_operations_soar:6.3.13
Google » Security Operations Soar » Version: 6.3.14

cpe:2.3:a:google:security_operations_soar:6.3.14
Google » Security Operations Soar » Version: 6.3.15

cpe:2.3:a:google:security_operations_soar:6.3.15
Google » Security Operations Soar » Version: 6.3.16

cpe:2.3:a:google:security_operations_soar:6.3.16
Google » Security Operations Soar » Version: 6.3.17

cpe:2.3:a:google:security_operations_soar:6.3.17
Google » Security Operations Soar » Version: 6.3.18

cpe:2.3:a:google:security_operations_soar:6.3.18
Google » Security Operations Soar » Version: 6.3.19

cpe:2.3:a:google:security_operations_soar:6.3.19
Google » Security Operations Soar » Version: 6.3.2

cpe:2.3:a:google:security_operations_soar:6.3.2
Google » Security Operations Soar » Version: 6.3.20

cpe:2.3:a:google:security_operations_soar:6.3.20
Google » Security Operations Soar » Version: 6.3.21

cpe:2.3:a:google:security_operations_soar:6.3.21
Google » Security Operations Soar » Version: 6.3.22

cpe:2.3:a:google:security_operations_soar:6.3.22
Google » Security Operations Soar » Version: 6.3.23

cpe:2.3:a:google:security_operations_soar:6.3.23
Google » Security Operations Soar » Version: 6.3.24

cpe:2.3:a:google:security_operations_soar:6.3.24
Google » Security Operations Soar » Version: 6.3.25

cpe:2.3:a:google:security_operations_soar:6.3.25
Google » Security Operations Soar » Version: 6.3.26

cpe:2.3:a:google:security_operations_soar:6.3.26
Google » Security Operations Soar » Version: 6.3.27

cpe:2.3:a:google:security_operations_soar:6.3.27
Google » Security Operations Soar » Version: 6.3.28

cpe:2.3:a:google:security_operations_soar:6.3.28
Google » Security Operations Soar » Version: 6.3.29

cpe:2.3:a:google:security_operations_soar:6.3.29
Google » Security Operations Soar » Version: 6.3.3

cpe:2.3:a:google:security_operations_soar:6.3.3
Google » Security Operations Soar » Version: 6.3.30

cpe:2.3:a:google:security_operations_soar:6.3.30
Google » Security Operations Soar » Version: 6.3.31

cpe:2.3:a:google:security_operations_soar:6.3.31
Google » Security Operations Soar » Version: 6.3.32

cpe:2.3:a:google:security_operations_soar:6.3.32
Google » Security Operations Soar » Version: 6.3.33

cpe:2.3:a:google:security_operations_soar:6.3.33
Google » Security Operations Soar » Version: 6.3.34

cpe:2.3:a:google:security_operations_soar:6.3.34
Google » Security Operations Soar » Version: 6.3.35

cpe:2.3:a:google:security_operations_soar:6.3.35
Google » Security Operations Soar » Version: 6.3.36

cpe:2.3:a:google:security_operations_soar:6.3.36
Google » Security Operations Soar » Version: 6.3.37

cpe:2.3:a:google:security_operations_soar:6.3.37
Google » Security Operations Soar » Version: 6.3.38

cpe:2.3:a:google:security_operations_soar:6.3.38
Google » Security Operations Soar » Version: 6.3.39

cpe:2.3:a:google:security_operations_soar:6.3.39
Google » Security Operations Soar » Version: 6.3.4

cpe:2.3:a:google:security_operations_soar:6.3.4
Google » Security Operations Soar » Version: 6.3.40

cpe:2.3:a:google:security_operations_soar:6.3.40
Google » Security Operations Soar » Version: 6.3.41

cpe:2.3:a:google:security_operations_soar:6.3.41
Google » Security Operations Soar » Version: 6.3.42

cpe:2.3:a:google:security_operations_soar:6.3.42
Google » Security Operations Soar » Version: 6.3.43

cpe:2.3:a:google:security_operations_soar:6.3.43
Google » Security Operations Soar » Version: 6.3.44

cpe:2.3:a:google:security_operations_soar:6.3.44
Google » Security Operations Soar » Version: 6.3.45

cpe:2.3:a:google:security_operations_soar:6.3.45
Google » Security Operations Soar » Version: 6.3.46

cpe:2.3:a:google:security_operations_soar:6.3.46
Google » Security Operations Soar » Version: 6.3.47

cpe:2.3:a:google:security_operations_soar:6.3.47
Google » Security Operations Soar » Version: 6.3.48

cpe:2.3:a:google:security_operations_soar:6.3.48
Google » Security Operations Soar » Version: 6.3.49

cpe:2.3:a:google:security_operations_soar:6.3.49
Google » Security Operations Soar » Version: 6.3.5

cpe:2.3:a:google:security_operations_soar:6.3.5
Google » Security Operations Soar » Version: 6.3.50

cpe:2.3:a:google:security_operations_soar:6.3.50
Google » Security Operations Soar » Version: 6.3.51

cpe:2.3:a:google:security_operations_soar:6.3.51
Google » Security Operations Soar » Version: 6.3.52

cpe:2.3:a:google:security_operations_soar:6.3.52
Google » Security Operations Soar » Version: 6.3.53

cpe:2.3:a:google:security_operations_soar:6.3.53
Google » Security Operations Soar » Version: 6.3.54

cpe:2.3:a:google:security_operations_soar:6.3.54
Google » Security Operations Soar » Version: 6.3.55

cpe:2.3:a:google:security_operations_soar:6.3.55
Google » Security Operations Soar » Version: 6.3.56

cpe:2.3:a:google:security_operations_soar:6.3.56
Google » Security Operations Soar » Version: 6.3.57

cpe:2.3:a:google:security_operations_soar:6.3.57
Google » Security Operations Soar » Version: 6.3.58

cpe:2.3:a:google:security_operations_soar:6.3.58
Google » Security Operations Soar » Version: 6.3.59

cpe:2.3:a:google:security_operations_soar:6.3.59
Google » Security Operations Soar » Version: 6.3.6

cpe:2.3:a:google:security_operations_soar:6.3.6
Google » Security Operations Soar » Version: 6.3.60

cpe:2.3:a:google:security_operations_soar:6.3.60
Google » Security Operations Soar » Version: 6.3.61

cpe:2.3:a:google:security_operations_soar:6.3.61
Google » Security Operations Soar » Version: 6.3.62

cpe:2.3:a:google:security_operations_soar:6.3.62
Google » Security Operations Soar » Version: 6.3.63

cpe:2.3:a:google:security_operations_soar:6.3.63
Google » Security Operations Soar » Version: 6.3.7

cpe:2.3:a:google:security_operations_soar:6.3.7
Google » Security Operations Soar » Version: 6.3.8

cpe:2.3:a:google:security_operations_soar:6.3.8
Google » Security Operations Soar » Version: 6.3.9

cpe:2.3:a:google:security_operations_soar:6.3.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-13428

Products

Pricing

Contact Us