CVE-2025-64140 Overview
CVE-2025-64140 is a command injection vulnerability in the Jenkins Azure CLI Plugin version 0.9 and earlier. The plugin does not restrict which commands it executes on the Jenkins controller. Attackers holding Item/Configure permission can execute arbitrary shell commands in the context of the Jenkins controller process.
The flaw maps to [CWE-78] Improper Neutralization of Special Elements used in an OS Command. Jenkins published advisory SECURITY-3538 on October 29, 2025, confirming the issue affects all Azure CLI Plugin releases up to and including 0.9.
Critical Impact
Authenticated users with job configuration rights can run arbitrary operating system commands on the Jenkins controller, leading to full compromise of build infrastructure, stored credentials, and downstream pipelines.
Affected Products
- Jenkins Azure CLI Plugin version 0.9
- Jenkins Azure CLI Plugin all prior versions
- Jenkins controllers with the plugin installed and Item/Configure granted to non-administrators
Discovery Timeline
- 2025-10-29 - Jenkins releases Security Advisory SECURITY-3538
- 2025-10-29 - CVE-2025-64140 published to NVD
- 2025-12-22 - Last updated in NVD database
Technical Details for CVE-2025-64140
Vulnerability Analysis
The Jenkins Azure CLI Plugin provides build step integration for invoking Azure command line tooling from Jenkins jobs. In versions 0.9 and earlier, the plugin executes user-supplied command strings on the Jenkins controller without restricting which binaries or arguments can be invoked.
An attacker who can configure a job, through the Item/Configure permission, can supply arbitrary shell commands that the plugin then runs on the controller. The commands execute with the privileges of the Jenkins controller process, which typically has access to build secrets, plugin credentials, and the Jenkins home directory.
The attack vector is network-based because Jenkins is administered over HTTP or HTTPS. Exploitation requires only low-privileged authenticated access, not administrative rights.
Root Cause
The root cause is missing input restriction in the plugin's command execution logic. The plugin treats job-configured command input as trusted Azure CLI invocations but passes it to a shell without validating the command name, arguments, or shell metacharacters. There is no allowlist limiting execution to the az binary, and no separation between the plugin's intended Azure operations and arbitrary OS commands.
Attack Vector
Exploitation proceeds in four steps. First, an attacker authenticates to Jenkins with an account that holds Item/Configure on any job. Second, the attacker edits or creates a job that uses the Azure CLI Plugin build step. Third, the attacker supplies a command string containing arbitrary shell commands rather than a legitimate az invocation. Fourth, when the job runs, the plugin executes those commands on the Jenkins controller.
The attacker can read or modify files under JENKINS_HOME, exfiltrate stored credentials, pivot to connected build agents, or tamper with subsequent pipeline outputs.
No public proof-of-concept is listed in the advisory, and the vulnerability is not in the CISA Known Exploited Vulnerabilities catalog. Refer to the Jenkins Security Advisory SECURITY-3538 for the vendor's technical description.
Detection Methods for CVE-2025-64140
Indicators of Compromise
- Jenkins job configurations referencing the Azure CLI build step with command fields containing shell metacharacters such as ;, &&, |, backticks, or $(...)
- Unexpected child processes spawned by the Jenkins controller JVM that are not the az binary
- Outbound network connections from the Jenkins controller to hosts unrelated to Azure management endpoints during job execution
- Modifications to files under JENKINS_HOME, particularly credentials.xml and secrets/ directories, outside of administrative actions
Detection Strategies
- Inventory all Jenkins instances and query installed plugin versions to identify Azure CLI Plugin at version 0.9 or earlier
- Review config.xml files of jobs that use the Azure CLI build step and flag command values that are not strict az subcommand invocations
- Correlate Jenkins audit logs of job configuration changes with subsequent build console output for commands that read sensitive files or spawn shells
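The config.xml review above can be scripted. The following is an added example, not code from the advisory or from the Jenkins project: it walks a job's config.xml, picks out build-step elements whose plugin attribute names the azure-cli plugin (Jenkins stamps plugin-provided elements with plugin="id@version"), and flags any command line that is not a plain az invocation. The builder class name in the sample config and the set of child element names that carry the command text are assumptions to adjust after inspecting one real job; the metacharacter list is the advisory's plus "||" and redirections.

```python
import re
import shlex
import xml.etree.ElementTree as ET

# Metacharacters the advisory lists as indicators (; && | backticks $(...)),
# plus "||" and redirections, which chain or redirect commands the same way.
SHELL_META = re.compile(r";|&&|\|\||\||`|\$\(|<|>")

# Jenkins stamps plugin-provided config elements with plugin="<id>@<version>";
# the CLI snippet in this advisory gives the plugin id as azure-cli.
PLUGIN_ID = "azure-cli"

# Child elements expected to carry the command text. Assumption: the real
# builder may use another name; extend this set after inspecting one job.
COMMAND_TAGS = {"command", "commands", "script"}

# Constructed sample job config.xml. The builder class name is invented and
# stands in for whatever element the plugin actually serialises.
SAMPLE_CONFIG = """\
<project>
  <builders>
    <com.example.AzureCLIBuilder plugin="azure-cli@0.9">
      <commands>az group list --output table</commands>
    </com.example.AzureCLIBuilder>
    <com.example.AzureCLIBuilder plugin="azure-cli@0.9">
      <commands>az account show &amp;&amp; id</commands>
    </com.example.AzureCLIBuilder>
    <com.example.AzureCLIBuilder plugin="azure-cli@0.9">
      <commands>bash -c "echo hello"</commands>
    </com.example.AzureCLIBuilder>
    <hudson.tasks.Shell>
      <command>echo core shell step, not the plugin</command>
    </hudson.tasks.Shell>
  </builders>
</project>
"""


def is_affected_version(version: str):
    """True when the plugin version is 0.9 or earlier; None if unparseable."""
    try:
        parts = tuple(int(p) for p in version.split("."))
    except ValueError:
        return None
    return parts <= (0, 9)


def classify_command(line: str) -> list:
    """Return the reasons one command line is not a strict az invocation
    (an empty list means it looks like a plain `az ...` call)."""
    reasons = []
    if SHELL_META.search(line):
        reasons.append("shell metacharacters present")
    try:
        tokens = shlex.split(line)
    except ValueError:
        reasons.append("unbalanced quoting")
        return reasons
    if not tokens:
        return ["empty command"]
    if tokens[0] != "az":
        reasons.append("first token is %r, not 'az'" % tokens[0])
    return reasons


def scan_config(xml_text: str) -> list:
    """Find Azure CLI build steps in a job config and report command lines
    that are not strict az invocations."""
    findings = []
    for elem in ET.fromstring(xml_text).iter():
        plugin_attr = elem.get("plugin", "")
        if not plugin_attr.startswith(PLUGIN_ID + "@"):
            continue
        version = plugin_attr.split("@", 1)[1]
        for child in elem:
            if child.tag.lower() not in COMMAND_TAGS or not child.text:
                continue
            # Each line of a multi-line field is a separate shell command.
            for line in child.text.splitlines():
                line = line.strip()
                if not line:
                    continue
                reasons = classify_command(line)
                if reasons:
                    findings.append({
                        "step": elem.tag,
                        "plugin_version": version,
                        "affected": is_affected_version(version),
                        "command": line,
                        "reasons": reasons,
                    })
    return findings


if __name__ == "__main__":
    for f in scan_config(SAMPLE_CONFIG):
        print(f["plugin_version"], repr(f["command"]), "; ".join(f["reasons"]))
```

Run it over every jobs/*/config.xml under JENKINS_HOME (and the config of any job that was recently changed, per the audit log) and treat each finding as a job to review by hand; a legitimate step that chains az calls with && will be flagged too, which is the intended bias for a triage script.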
Monitoring Recommendations
- Enable process-level telemetry on Jenkins controller hosts and alert on non-az child processes of the Jenkins Java process during Azure CLI plugin step execution
- Monitor and alert on additions or modifications of users granted Item/Configure permission
- Forward Jenkins system and audit logs to a central analytics platform to retain job configuration history for forensic review
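The process-telemetry rule above (non-az children of the Jenkins JVM) is shown here as an added example; it is not from the advisory or from any EDR product. It consumes constructed process-creation events in a simplified tab-separated format that stands in for auditd or EDR records, locates the Jenkins controller JVM (assumed to be started as java -jar jenkins.war), and alerts on every descendant that is neither the az binary nor a shell wrapper whose -c script starts with az. Sample data, the event format and the assumed wrapper shells are all constructed for the example.

```python
import shlex
from pathlib import PurePosixPath

# Constructed process-creation events, one per line, tab-separated:
# timestamp, pid, ppid, executable path, command line. This is a simplified
# stand-in for auditd/EDR telemetry, not real output from either.
SAMPLE_EVENTS = """\
2025-11-03T10:00:01Z\t4100\t1\t/usr/bin/java\tjava -jar /usr/share/jenkins/jenkins.war --httpPort=8080
2025-11-03T10:05:12Z\t5120\t4100\t/bin/sh\tsh -c az group list --output table
2025-11-03T10:05:12Z\t5121\t5120\t/usr/bin/az\taz group list --output table
2025-11-03T10:07:40Z\t5230\t4100\t/bin/sh\tsh -c id
2025-11-03T10:07:40Z\t5231\t5230\t/usr/bin/id\tid
2025-11-03T10:07:41Z\t5232\t5230\t/usr/bin/curl\tcurl https://203.0.113.9/
2025-11-03T10:09:00Z\t6001\t1\t/usr/bin/az\taz login
"""

# Executable the plugin is expected to run on the controller.
EXPECTED_BINARIES = {"az"}
# Shells Jenkins uses to wrap a build-step command (assumption; extend as needed).
SHELL_WRAPPERS = {"sh", "bash", "dash"}


def parse_events(text: str) -> list:
    """Parse the constructed event lines into dicts."""
    events = []
    for line in text.strip().splitlines():
        ts, pid, ppid, exe, cmdline = line.split("\t", 4)
        events.append({"ts": ts, "pid": int(pid), "ppid": int(ppid),
                       "exe": exe, "cmdline": cmdline})
    return events


def jenkins_jvm_pids(events: list) -> set:
    """PIDs of Java processes running jenkins.war (assumption: the controller
    is launched with java -jar jenkins.war; adjust for service wrappers)."""
    return {e["pid"] for e in events
            if PurePosixPath(e["exe"]).name == "java"
            and "jenkins.war" in e["cmdline"]}


def descends_from(parents: dict, ppid: int, roots: set) -> bool:
    """Walk the parent chain until a Jenkins JVM is found or the chain ends."""
    seen = set()
    while ppid not in seen:
        if ppid in roots:
            return True
        if ppid not in parents:
            return False
        seen.add(ppid)
        ppid = parents[ppid]
    return False


def find_unexpected_children(events: list) -> list:
    """Alert on descendants of the controller JVM that are not az, and on
    wrapper shells that were asked to run something other than az."""
    roots = jenkins_jvm_pids(events)
    parents = {e["pid"]: e["ppid"] for e in events}
    alerts = []
    for e in events:
        if not descends_from(parents, e["ppid"], roots):
            continue
        name = PurePosixPath(e["exe"]).name
        if name in EXPECTED_BINARIES:
            continue
        if name in SHELL_WRAPPERS:
            # A wrapper shell itself is normal; flag it unless the -c script
            # begins with az (covers shell builtins that never exec a child).
            tokens = shlex.split(e["cmdline"])
            if "-c" in tokens and tokens[tokens.index("-c") + 1:][:1] == ["az"]:
                continue
            reason = "shell wrapper running a non-az command"
        else:
            reason = "non-az process spawned under the Jenkins controller JVM"
        alerts.append({"ts": e["ts"], "pid": e["pid"], "exe": e["exe"],
                       "cmdline": e["cmdline"], "reason": reason})
    return alerts


if __name__ == "__main__":
    for a in find_unexpected_children(parse_events(SAMPLE_EVENTS)):
        print(a["ts"], a["pid"], a["exe"], "-", a["reason"])
```

The az login at pid 6001 is not flagged because it does not descend from the JVM, and the first sh wrapper passes because its script starts with az; the second wrapper, its id child and the curl it spawned all produce alerts, which is the behaviour the monitoring recommendation asks for.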
How to Mitigate CVE-2025-64140
Immediate Actions Required
- Identify all Jenkins controllers with the Azure CLI Plugin installed and record the installed version
- Restrict the Item/Configure permission to trusted administrators until the plugin is updated or removed
- Audit existing jobs that use the Azure CLI build step for command strings containing non-az commands or shell metacharacters
- Rotate any credentials stored on affected Jenkins controllers if unauthorized job configuration activity is found
Patch Information
At the time of the advisory, the Jenkins project had not announced a fixed release for the Azure CLI Plugin. Consult the Jenkins Security Advisory SECURITY-3538 and the Openwall oss-security post for the current fix status before deploying any update.
Workarounds
- Uninstall the Azure CLI Plugin and replace its usage with the standard Execute shell build step constrained by least-privilege agents
- Apply the Jenkins authorization strategy to remove Item/Configure from non-administrator roles on any controller where the plugin remains installed
- Run Jenkins controllers as unprivileged operating system accounts and isolate them from production networks and secrets stores
- Move Azure CLI invocations to dedicated build agents rather than the controller to limit blast radius if exploitation occurs
# Configuration example: list installed Jenkins plugins and their versions via the CLI,
# filtering for the azure-cli plugin (requires an API token in $JENKINS_TOKEN)
java -jar jenkins-cli.jar -s https://jenkins.example.com/ \
-auth admin:$JENKINS_TOKEN \
list-plugins | grep -i azure-cli
# Disable the plugin (and restart the controller) until a fixed version is published;
# use uninstall from the plugin manager UI if you want it removed entirely
java -jar jenkins-cli.jar -s https://jenkins.example.com/ \
-auth admin:$JENKINS_TOKEN \
disable-plugin azure-cli -restart
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.