CVE-2025-62002

BullWall Ransomware Containment relies on the number of file modifications to trigger detection. An authenticated attacker could encrypt a single large file without triggering a detection alert. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before a...

CVE-2025-62002

BullWall Ransomware Containment considers the number of files modified to trigger detection. An authenticated attacker could encrypt a single possibly large file without triggering detection if thresholds are configured to require multiple file changes. The number of files to trigger detection ca...

CVE-2025-62001

BullWall Ransomware Containment supports configurable file and directory exclusions such as '$RECYCLE.BIN' to balance monitoring scope and performance. Certain exclusion patterns could allow an authenticated attacker to rename directories in a way that avoids monitoring. Fixed in 4.6.1.14 and...

CVE-2025-62000

BullWall Ransomware Containment may not always detect an encrypted file. This issue affects a specific file inspection method that evaluates file content based on header bytes. An authenticated attacker could encrypt files, preserving the first four bytes and preventing this particular method fro...

CVE-2025-62001

BullWall Ransomware Containment supports configurable file and directory exclusions such as '$RECYCLE.BIN' to balance monitoring scope and performance. Certain exclusion patterns could allow an authenticated attacker to rename directories in a way that avoids monitoring. Fixed in 4.6.1.14 and...

CVE-2025-62001

Summary: CVE-2025-62001 affects BullWall Ransomware Containment. A flaw in configurable/exclusion handling could let an attacker with file write permissions bypass monitoring by renaming directories (e.g., $RECYCLE.BIN/$recycle.bin). Affected versions (per sources): 4.6.0.0, 4.6.0.6, 4.6.0.7, 4.6...

CVE-2025-62000

BullWall Ransomware Containment has an incomplete file-inspection mechanism that relies on header-byte evaluation. An authenticated attacker could encrypt a file while leaving the first four bytes unchanged, bypassing this specific detection method. The issue is limited: BullWall also employs add...

CVE-2025-62000 BullWall Ransomware Containment incomplete file inspection

BullWall Ransomware Containment may not always detect an encrypted file. This issue affects a specific file inspection method that evaluates file content based on header bytes. An authenticated attacker could encrypt files, preserving the first four bytes and preventing this particular method fro...

PT-2025-52339

Name of the Vulnerable Software and Affected Versions BullWall Ransomware Containment versions 4.6.0.0 through 4.6.1.4 Description BullWall Ransomware Containment does not monitor certain file paths, such as $recycle.bin. An attacker with file write permissions could bypass detection by renaming ...

BullWall Ransomware Containment and Server Intrusion Protection multiple vulnerabilities

RISK EVALUATION BullWall Ransomware Containment and Server Intrusion Protection are products used for ransomware containment. Multiple vulnerabilities were reported that when used individually or in conjunction could allow a remote attacker with valid credentials to log in to a system with...

BullWall Ransomware Containment 安全漏洞

BullWall Ransomware Containment is a ransomware protection software from BullWall Denmark. A security vulnerability exists in BullWall Ransomware Containment versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 that stems from a dependency on the number of file modifications to trigger detection, whic...