CVE-2025-6000 Overview
A critical code execution vulnerability has been identified in HashiCorp Vault that allows a privileged Vault operator within the root namespace with write permission to sys/audit to obtain code execution on the underlying host when a plugin directory is configured. This vulnerability (CWE-94: Code Injection) enables attackers with elevated privileges to break out of Vault's security boundary and execute arbitrary code on the host system.
Critical Impact
Privileged Vault operators can achieve host-level code execution, potentially compromising the entire infrastructure hosting Vault and any secrets managed by the system.
Affected Products
- HashiCorp Vault Community Edition versions prior to 1.20.1
- HashiCorp Vault Enterprise versions prior to 1.20.1, 1.19.7, 1.18.12, and 1.16.23
- HashiCorp Vault Enterprise 1.20.0
Discovery Timeline
- August 1, 2025 - CVE-2025-6000 published to NVD
- August 13, 2025 - Last updated in NVD database
Technical Details for CVE-2025-6000
Vulnerability Analysis
This vulnerability is a code injection flaw that enables privilege escalation from Vault operator to host-level code execution. Exploitation requires both elevated Vault privileges (write access to sys/audit in the root namespace) and a specific configuration setting (a configured plugin directory).
The vulnerability exists in Vault's audit device functionality. When a Vault operator has write permissions to the sys/audit endpoint within the root namespace and a plugin directory has been configured in Vault's settings, the operator can leverage this access to execute arbitrary code on the underlying host system.
The scope of this vulnerability extends beyond the Vault application itself, as successful exploitation grants the attacker control over the host operating system. This represents a significant security boundary violation, allowing what should be application-level privileges to escalate to host-level access.
Root Cause
The root cause is classified as CWE-94 (Improper Control of Generation of Code / Code Injection). The vulnerability stems from insufficient validation and access controls in the audit device registration path when interacting with the plugin system. When a plugin directory is configured, the combination of root namespace access and sys/audit write permissions creates an exploitation pathway that allows code injection at the host level.
Attack Vector
The attack vector is the network (Vault's API endpoints), and exploitation requires high privileges. An attacker must first obtain or already possess Vault operator credentials with write access to sys/audit in the root namespace. The target Vault instance must also have a plugin directory configured.
The exploitation flow involves:
- Attacker authenticates to Vault with privileged operator credentials
- Attacker confirms write access to sys/audit endpoint in the root namespace
- Attacker leverages the plugin directory configuration to inject malicious code
- Code executes on the underlying host system with the privileges of the Vault process
While no public proof-of-concept exploits have been published, the technical requirements for exploitation are well-documented in the advisory. Organizations should assume that sophisticated threat actors could develop working exploits based on the vulnerability description.
Detection Methods for CVE-2025-6000
Indicators of Compromise
- Unexpected audit device registrations or modifications in Vault's sys/audit endpoint
- Unusual plugin activity or new plugin registrations in the configured plugin directory
- Anomalous process execution originating from the Vault process or its parent
- Unexpected outbound network connections from the Vault host
Detection Strategies
- Monitor Vault audit logs for write operations to sys/audit from non-standard administrative accounts
- Implement file integrity monitoring on the plugin directory to detect unauthorized additions or modifications
- Deploy endpoint detection and response (EDR) solutions to identify suspicious child processes spawned by Vault
- Enable command-line auditing on the Vault host to capture any unauthorized code execution
Monitoring Recommendations
- Configure alerting for any changes to audit device configurations in Vault
- Establish baseline activity patterns for privileged Vault operators and alert on deviations
- Monitor system calls and process creation events on Vault hosts using security tools like SentinelOne
- Implement network segmentation monitoring to detect unexpected lateral movement from Vault infrastructure
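The two log-based strategies above (watching sys/audit writes and alerting on any audit device change) can be implemented directly over Vault's JSON audit log. The script below is an added example, not HashiCorp's code or SentinelOne's: it assumes the field names of Vault's file audit device (`type`, `time`, `auth.display_name`, `request.operation`, `request.path`, `request.namespace.id`, `request.remote_address`), and the log lines and the actor allowlist are constructed for illustration. Every root-namespace create/update/delete on `sys/audit` or `sys/audit/<name>` produces a finding; actors outside the allowlist are rated high, allowlisted ones are kept as informational so the change is still recorded.

```python
"""Flag audit-device changes in Vault's audit log (JSON lines).

Added example, not HashiCorp's code. Field names follow the JSON format of
Vault's file audit device; the log lines and allowlist are constructed.
"""
import json
from dataclasses import dataclass

# Operations that enable, reconfigure or disable an audit device.
# Reads and lists of sys/audit are routine and are not flagged.
WRITE_OPS = {"create", "update", "delete"}


@dataclass
class Finding:
    time: str
    actor: str
    operation: str
    path: str
    remote_address: str
    severity: str  # "high" for non-allowlisted actors, "info" otherwise


def is_audit_write(entry: dict) -> bool:
    """True for a request entry that modifies sys/audit or sys/audit/<name>."""
    if entry.get("type") != "request":
        return False  # response entries repeat the request; count it once
    req = entry.get("request") or {}
    path = req.get("path", "")
    on_audit_path = path == "sys/audit" or path.startswith("sys/audit/")
    return on_audit_path and req.get("operation") in WRITE_OPS


def in_root_namespace(entry: dict) -> bool:
    """Vault logs {"id": "root"} for the root namespace; an absent namespace
    block (older log formats) is treated as root as well."""
    ns = (entry.get("request") or {}).get("namespace") or {}
    return ns.get("id", "root") == "root"


def scan(lines, allowed_actors=frozenset()):
    """Return a Finding for every root-namespace write to sys/audit."""
    findings = []
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        try:
            entry = json.loads(raw)
        except json.JSONDecodeError:
            continue  # tolerate non-JSON noise in the stream
        if not (is_audit_write(entry) and in_root_namespace(entry)):
            continue
        auth = entry.get("auth") or {}
        req = entry["request"]
        actor = auth.get("display_name") or auth.get("entity_id") or "unknown"
        findings.append(Finding(
            time=entry.get("time", ""),
            actor=actor,
            operation=req["operation"],
            path=req["path"],
            remote_address=req.get("remote_address", ""),
            severity="info" if actor in allowed_actors else "high",
        ))
    return findings


# Constructed sample: an unexpected audit-device enable, a listing, a change in
# a child namespace, the response twin of the first request, a KV write, and an
# allowlisted disable.
SAMPLE_LOG = """
{"time":"2025-08-02T09:14:03Z","type":"request","auth":{"display_name":"token-break-glass","policies":["root"]},"request":{"operation":"update","path":"sys/audit/file-ops","namespace":{"id":"root"},"remote_address":"10.0.0.5","data":{"type":"file"}}}
{"time":"2025-08-02T09:15:10Z","type":"request","auth":{"display_name":"platform-admin","policies":["audit-admin"]},"request":{"operation":"read","path":"sys/audit","namespace":{"id":"root"},"remote_address":"10.0.0.7"}}
{"time":"2025-08-02T09:16:42Z","type":"request","auth":{"display_name":"team-a-admin","policies":["ns-admin"]},"request":{"operation":"update","path":"sys/audit/team-a","namespace":{"id":"xkp2m","path":"team-a/"},"remote_address":"10.0.1.9"}}
{"time":"2025-08-02T09:14:03Z","type":"response","auth":{"display_name":"token-break-glass","policies":["root"]},"request":{"operation":"update","path":"sys/audit/file-ops","namespace":{"id":"root"},"remote_address":"10.0.0.5"},"response":{}}
{"time":"2025-08-02T09:20:00Z","type":"request","auth":{"display_name":"app-deploy","policies":["kv-app"]},"request":{"operation":"update","path":"secret/data/app/config","namespace":{"id":"root"},"remote_address":"10.0.2.3"}}
{"time":"2025-08-02T09:31:55Z","type":"request","auth":{"display_name":"platform-admin","policies":["audit-admin"]},"request":{"operation":"delete","path":"sys/audit/file-ops","namespace":{"id":"root"},"remote_address":"10.0.0.7"}}
"""

ALLOWED_ACTORS = frozenset({"platform-admin"})  # constructed allowlist


def run_demo():
    return scan(SAMPLE_LOG.splitlines(), ALLOWED_ACTORS)


if __name__ == "__main__":
    for f in run_demo():
        print(f"[{f.severity}] {f.time} {f.actor} {f.operation} {f.path} from {f.remote_address}")
```

On the constructed sample the scanner reports two findings: the `update` of `sys/audit/file-ops` by the non-allowlisted token (high) and the later `delete` by the allowlisted administrator (info). The read of `sys/audit`, the write in the child namespace, the duplicate response entry and the KV write are all ignored. In production the same function can be fed from `tail -F` on the audit log file or from a SIEM export of the same JSON.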
How to Mitigate CVE-2025-6000
Immediate Actions Required
- Upgrade HashiCorp Vault Community Edition to version 1.20.1 or later immediately
- Upgrade HashiCorp Vault Enterprise to version 1.20.1, 1.19.7, 1.18.12, or 1.16.23 depending on your version branch
- Audit all accounts with write access to sys/audit in the root namespace and revoke unnecessary privileges
- Review plugin directory configurations and restrict access to essential use cases only
Patch Information
HashiCorp has released fixed versions addressing this vulnerability. Organizations should upgrade to the patched versions as soon as possible:
| Edition | Fixed Version(s) |
|---|---|
| Community Edition | 1.20.1 |
| Enterprise | 1.20.1, 1.19.7, 1.18.12, 1.16.23 |
For complete details, refer to the HashiCorp Security Advisory HCSEC-2025-14.
Workarounds
- Remove or disable the plugin directory configuration if plugins are not required for your deployment
- Implement strict access controls limiting sys/audit write permissions to only essential administrative accounts
- Use Sentinel policies (Enterprise) to add additional authorization requirements for audit device modifications
- Consider running Vault in a containerized environment with restricted capabilities to limit the impact of potential host-level compromise
```bash
# Review current audit device configuration
vault audit list -detailed
# Check whether a plugin directory is configured in the Vault config
grep -i "plugin_directory" /etc/vault.d/vault.hcl
# List every policy that references sys/audit, prefixing each match with the policy name
for p in $(vault policy list); do
  vault policy read "$p" | grep -A5 "sys/audit" | sed "s/^/[$p] /"
done
```
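The grep above shows which policies mention `sys/audit`, but not whether they actually grant the write capability, and it misses broader patterns such as `sys/*` or `sys/+/*` that reach the same path. The script below is an added example, not HashiCorp's code, for the privilege audit recommended above: it parses the `path "<pattern>" { capabilities = [...] }` shape of policies exported with `vault policy read` using a small regex rather than a full HCL parser, applies Vault's two wildcards (a trailing `*` prefix glob and `+` for one segment), and reports every policy that grants create/update/delete on a sys/audit path. Because sys/audit is a sudo-protected path, a write capability is only effective together with `sudo`, so both are reported and the built-in `root` policy is always listed. The policies are constructed for illustration.

```python
"""Find Vault policies that can modify audit devices.

Added example, not HashiCorp's code. Parses the policy HCL shape with a regex,
honours Vault's '*' and '+' wildcards, and reports write capabilities on
sys/audit together with whether 'sudo' is granted. Policies are constructed.
"""
import re
from dataclasses import dataclass

# Representative targets: the audit root and one device path beneath it.
AUDIT_TARGETS = ("sys/audit", "sys/audit/example-device")
WRITE_CAPS = {"create", "update", "delete"}

PATH_BLOCK = re.compile(r'path\s+"([^"]+)"\s*\{([^}]*)\}', re.S)
CAPS = re.compile(r'capabilities\s*=\s*\[([^\]]*)\]', re.S)


@dataclass
class Grant:
    policy: str
    pattern: str
    write_caps: list
    sudo: bool

    @property
    def effective(self) -> bool:
        """sys/audit is sudo-protected: write without sudo is not enough."""
        return bool(self.write_caps) and self.sudo


def parse_policy(hcl: str):
    """Yield (pattern, capabilities) for each path block in a policy."""
    for pattern, body in PATH_BLOCK.findall(hcl):
        m = CAPS.search(body)
        caps = set(re.findall(r'"([^"]+)"', m.group(1))) if m else set()
        yield pattern, caps


def pattern_covers(pattern: str, target: str) -> bool:
    """Vault policy matching: '+' matches one segment, a trailing '*' matches
    any suffix, otherwise the path must match exactly."""
    parts = []
    for seg in pattern.split("/"):
        if seg == "+":
            parts.append("[^/]+")
        elif seg.endswith("*"):
            parts.append(re.escape(seg[:-1]) + ".*")
        else:
            parts.append(re.escape(seg))
    return re.fullmatch("/".join(parts), target) is not None


def find_audit_writers(policies: dict):
    """Return a Grant for every policy path that reaches sys/audit with a
    write capability; the built-in root policy always qualifies."""
    grants = []
    for name, hcl in policies.items():
        if name == "root":
            grants.append(Grant(name, "*", sorted(WRITE_CAPS), True))
            continue
        for pattern, caps in parse_policy(hcl):
            if not any(pattern_covers(pattern, t) for t in AUDIT_TARGETS):
                continue
            writes = sorted(caps & WRITE_CAPS)
            if writes:
                grants.append(Grant(name, pattern, writes, "sudo" in caps))
    return grants


# Constructed policies, in the form `vault policy read <name>` prints them.
SAMPLE_POLICIES = {
    "audit-admin": 'path "sys/audit" { capabilities = ["read", "sudo"] }\n'
                   'path "sys/audit/*" { capabilities = ["create", "update", "delete", "sudo"] }\n',
    "ops-readonly": 'path "sys/audit" { capabilities = ["read", "sudo"] }\n',
    "kv-app": 'path "secret/data/app/*" { capabilities = ["create", "read", "update"] }\n',
    "broad-sys": 'path "sys/*" { capabilities = ["update"] }\n',   # write, no sudo
    "segment-wild": 'path "sys/+/*" { capabilities = ["update", "sudo"] }\n',
}


def run_demo():
    return find_audit_writers(SAMPLE_POLICIES)


if __name__ == "__main__":
    for g in run_demo():
        flag = "EFFECTIVE" if g.effective else "write without sudo"
        print(f"{g.policy:14} {g.pattern:16} {','.join(g.write_caps):22} {flag}")
```

On the constructed set the script lists `audit-admin` and `segment-wild` as effective (write plus sudo) and `broad-sys` as a write grant without sudo, which is still worth reviewing because a later policy change could supply the missing capability. To run it against a real cluster, fill the dictionary from `vault policy list` and `vault policy read` and then map the flagged policies back to tokens, entities and groups.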
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.