CVE-2025-5999 Overview
CVE-2025-5999 is a privilege escalation vulnerability in HashiCorp Vault. A privileged operator with write permissions to the root namespace's identity endpoint can escalate their own token, or another user's token, to Vault's root policy. The flaw is tracked as CWE-266: Incorrect Privilege Assignment and affects both Vault Community Edition and Vault Enterprise.
HashiCorp addressed the issue in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, and 1.16.22. The advisory is published as HCSEC-2025-13.
Critical Impact
An authenticated operator with identity-endpoint write access can promote any token to Vault's root policy, gaining full administrative control over all secrets, policies, and authentication backends.
Affected Products
- HashiCorp Vault Community Edition prior to 1.20.0
- HashiCorp Vault Enterprise prior to 1.20.0, 1.19.6, 1.18.11, and 1.16.22
- Deployments using the root namespace identity endpoint
Discovery Timeline
- 2025-08-01 - CVE-2025-5999 published to NVD
- 2025-08-13 - Last updated in NVD database
Technical Details for CVE-2025-5999
Vulnerability Analysis
The vulnerability resides in Vault's identity subsystem within the root namespace. Vault uses identity entities and groups to map authenticated principals to policies. The root namespace identity endpoint did not properly constrain which policies an operator could assign during entity or group modification operations.
An operator holding write privileges on identity/* paths within the root namespace can craft requests that attach the built-in root policy to an identity entity or group. Tokens belonging to that entity or group then inherit root-level capabilities. This breaks Vault's policy separation model, where root policy assignment is meant to be restricted to existing root-token holders.
The issue is classified as CWE-266: Incorrect Privilege Assignment. Exploitation requires authentication and high privileges, but the resulting impact compromises confidentiality, integrity, and availability across the entire Vault deployment.
Root Cause
Vault's identity endpoint handlers in the root namespace failed to enforce that the root policy could not be assigned through standard write operations. The authorization check did not distinguish ordinary identity write capability from the stricter check required to grant the root policy. As a result, any caller with create or update capability on identity/entity or identity/group could elevate the policies bound to a token.
Attack Vector
The attack is conducted over the network against Vault's HTTP API. An authenticated operator issues a write request to an identity endpoint such as identity/entity or identity/group, supplying root in the policies parameter. The operator then generates or refreshes a token for the modified entity. The token receives unrestricted root capabilities, including the ability to read, write, or delete every secret, revoke tokens, modify audit devices, and disable seal protection.
The vulnerability mechanism is described in HashiCorp advisory HCSEC-2025-13. No public proof-of-concept code has been released, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog.
Detection Methods for CVE-2025-5999
Indicators of Compromise
- Audit log entries showing write operations to identity/entity, identity/entity-alias, or identity/group paths where the request payload includes the root policy.
- Tokens associated with non-root entities that resolve to the root policy when inspected with vault token lookup.
- Unexpected creation or modification of identity groups in the root namespace by operators who do not normally administer identity.
Detection Strategies
- Enable and forward Vault audit device logs to a centralized analytics platform and alert on identity write operations that reference the root policy.
- Periodically enumerate identity entities and groups using vault read identity/entity/id/<id> and flag any that list root in policies.
- Correlate identity modifications with subsequent token creation events to identify privilege chains that result in root-equivalent access.
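The audit-log alert and the periodic entity enumeration above, combined in one added example (not HashiCorp code). It assumes the JSON "file" audit device; because Vault HMACs request data values by default, the literal "root" is only visible when the device is tuned with audit_non_hmac_request_keys=policies, so the detector also accepts the digest that POST sys/audit-hash/<device> returns for the input "root". Sample records and the hmac-sha256:EXAMPLE-DIGEST-OF-ROOT value are constructed.

```python
import json

# Added example, not HashiCorp code. Assumes the JSON "file" audit device, one
# object per line. Vault HMACs request data values by default, so literal "root"
# shows only when the device is tuned with audit_non_hmac_request_keys=policies;
# otherwise pass the digest from POST sys/audit-hash/<device> for input "root".
IDENTITY_PREFIXES = ("identity/entity", "identity/group")
WRITE_OPS = {"create", "update"}


def flag_root_policy_writes(audit_lines, root_hmac=None):
    """One finding per identity/entity* or identity/group* create/update whose
    request payload lists the root policy, as a literal or as its audit HMAC."""
    wanted = {"root", root_hmac} - {None}
    findings = []
    for line in audit_lines:
        if not line.strip():
            continue
        entry = json.loads(line)
        req = entry.get("request") or {}
        path = req.get("path", "")
        if (entry.get("type") != "request" or req.get("operation") not in WRITE_OPS
                or not path.startswith(IDENTITY_PREFIXES)):
            continue
        policies = (req.get("data") or {}).get("policies") or []
        if isinstance(policies, str):  # the API also accepts "a,b,c"
            policies = [p.strip() for p in policies.split(",")]
        if wanted & set(policies):
            findings.append({"time": entry.get("time"), "path": path,
                             "actor": (entry.get("auth") or {}).get("display_name"),
                             "remote_address": req.get("remote_address")})
    return findings


def ids_with_root_policy(reads):
    """IDs from parsed `vault read -format=json identity/entity/id/<id>` (or
    identity/group/id/<id>) output whose direct policy list contains root."""
    return [r["data"]["id"] for r in reads if "root" in (r["data"].get("policies") or [])]


# Constructed sample input: three audit records and two entity reads.
SAMPLE_AUDIT = [
    '{"time":"2025-08-02T10:00:00Z","type":"request","auth":{"display_name":"userpass-alice"},"request":{"operation":"update","path":"identity/entity/id/ent-example-1","data":{"policies":["default","root"]},"remote_address":"10.0.0.5"}}',
    '{"time":"2025-08-02T10:01:00Z","type":"request","auth":{"display_name":"userpass-bob"},"request":{"operation":"update","path":"identity/group","data":{"policies":["hmac-sha256:EXAMPLE-DIGEST-OF-ROOT"]},"remote_address":"10.0.0.9"}}',
    '{"time":"2025-08-02T10:02:00Z","type":"request","auth":{"display_name":"userpass-carol"},"request":{"operation":"read","path":"identity/entity/id/ent-example-1","remote_address":"10.0.0.5"}}',
]
SAMPLE_READS = [
    {"data": {"id": "ent-example-1", "name": "alice", "policies": ["default", "root"]}},
    {"data": {"id": "ent-example-2", "name": "svc-ci", "policies": ["ci-deploy"]}},
]
```

Without root_hmac only the plaintext record from alice is flagged; supplying the digest also catches bob's group write, while carol's read is ignored as a non-write.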
Monitoring Recommendations
- Baseline normal write activity on identity/* endpoints and alert on deviations, particularly outside change windows.
- Monitor the use of root tokens and any tokens whose effective policy list contains root.
- Review authentication events from accounts holding the privileged identity write capability for unusual source IPs or session timing.
How to Mitigate CVE-2025-5999
Immediate Actions Required
- Upgrade Vault to a fixed release: Community Edition 1.20.0 or Enterprise 1.20.0, 1.19.6, 1.18.11, or 1.16.22.
- Audit all identity entities and groups in the root namespace and remove any unauthorized assignment of the root policy.
- Rotate tokens and credentials issued to entities that may have been modified while the vulnerability was exploitable.
Patch Information
HashiCorp fixed the issue in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, and 1.16.22. Full remediation details are available in the HashiCorp Discussion on HCSEC-2025-13.
Workarounds
- Restrict policies granting write access to identity/* paths in the root namespace to a minimal set of trusted operators.
- Move tenant workloads into non-root namespaces where the elevation path is not reachable, and reserve the root namespace for administrative use only.
- Enable audit logging on all Vault listeners so identity changes are recorded and reviewable until patching is complete.
# Configuration example: grant read-only access to identity endpoints so the
# holder cannot create or update entities or groups
path "identity/entity" {
  capabilities = ["read", "list"]
}
path "identity/group" {
  capabilities = ["read", "list"]
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.