Vulnerability DatabaseCVE-2023-25133

CVE-2023-25133:
Homebrew vulnerability analysis and mitigation

Overview

CVE-2023-25133 is an improper privilege management vulnerability affecting PowerPanel Business software versions 4.8.6 and earlier across multiple platforms including Windows, Linux, and MacOS. The vulnerability was discovered and disclosed on April 24, 2023, by ZUSO Advanced Research Team (ZUSO ART) (NVD, ZUSO Advisory).

Technical details

The vulnerability exists in the default.cmd file of PowerPanel Business Local/Remote and Management editions. It has been assigned a CVSS v3.1 base score of 9.8 (CRITICAL) with vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating network accessibility, low attack complexity, and no required privileges or user interaction. The vulnerability is classified as CWE-269 (Improper Privilege Management) (NVD).

Impact

If exploited, this vulnerability allows remote attackers to execute operating system commands via unspecified vectors. The impact is rated as critical with high potential for compromise of system confidentiality, integrity, and availability (NVD).

Mitigation and workarounds

Users should upgrade to versions newer than PowerPanel Business 4.8.6. The vulnerability affects all editions (Local/Remote and Management) across Windows, Linux, and MacOS platforms (CyberPower Windows, CyberPower Linux, CyberPower MacOS).

Additional resources

Source: This report was generated using AI

Related Homebrew vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-22861	HIGH	8.8	Homebrew	iccdev	No	Yes	Jan 13, 2026
CVE-2026-22776	HIGH	8.7	Homebrew	cpp-httplib	No	Yes	Jan 12, 2026
CVE-2026-22783	HIGH	8.1	NixOS	iris	No	Yes	Jan 12, 2026
CVE-2026-21283	HIGH	7.8	Adobe Bridge	bridge	No	Yes	Jan 13, 2026
CVE-2026-22784	LOW	2.3	NixOS	lychee	No	Yes	Jan 12, 2026