CVE-2025-27364, a critical Remote Code Execution (RCE) flaw has been discovered in MITRE Caldera, an open-source adversary emulation platform used by security professionals. This flaw could allow attackers to execute arbitrary code on the server running Caldera, leading to the compromise of sensitive systems.
MITRE Caldera is a powerful open-source platform designed for simulating cyberattacks in a controlled environment. Its core functionality revolves around emulating advanced persistent threats (APTs) by deploying agents, or implants, to carry out operations such as reconnaissance, exploitation, and post-exploitation activities.
These agents, including Sandcat and Manx, are used to simulate adversarial tactics by executing commands remotely. The Caldera platform provides a command-and-control (C2) server API that handles requests to compile and deploy these agents to target systems.
What is CVE-2025-27364?
CVE-2025-27364 is the vulnerability in MITRE Caldera’s dynamic agent compilation functionality, present in versions 4.2.0 and earlier (up to commit 35bc06e) of the platform. This flaw specifically affects the process by which Caldera compiles and downloads its Sandcat or Manx agents.
In the absence of proper input sanitization, attackers can manipulate this process to execute arbitrary code on the server via specially crafted web requests directed at the Caldera server API. This type of attack is classified as a Remote Code Execution (RCE) vulnerability.
The Technical Breakdown of CVE-2025-27364
The vulnerability stems from the Caldera server’s use of dynamic compilation for its Sandcat and Manx agents. These agents are small reverse shells designed to communicate with the Caldera server, carrying out tasks as assigned during a simulated cyberattack operation. The compilation endpoint, which is a critical part of the Caldera platform, is particularly susceptible because it lacks proper authentication mechanisms. This absence of authentication allows unauthorized actors to exploit the system without needing any valid credentials.
The core of the issue lies in the Caldera server’s handling of certain linker flags, specifically the -extldflags option, used when compiling agents. These linker flags are passed to the gcc (GNU Compiler Collection) tool, which processes them during the agent compilation process. By manipulating these flags, attackers can inject malicious commands into the compilation process, potentially leading to the execution of arbitrary code on the server.
How Vulnerability Works?
To better understand how this vulnerability works, it’s essential to trace the execution flow within Caldera’s codebase. According to MITRE Caldera Medium post by Dawid Kulikowski, when an attacker submits a crafted request to the Caldera server API, the server processes this request to compile the desired agent. One of the steps in this process involves passing user-controlled data (the agent parameters) to a function responsible for compiling the agent on the fly.
In particular, the vulnerability is triggered by the interaction with the gcc tool during compilation. By using the -extldflags linker flag, an attacker can control certain execution aspects, such as specifying which external linker to use and the flags that are appended to the invocation. These actions can be exploited to execute arbitrary binaries, like Python or Bash scripts, under the control of the attacker.
While a simple command injection might not be immediately possible due to the way subprocess calls are structured in Caldera, attackers can still exploit the vulnerability by controlling the parameters passed to the linker. This makes it possible for an attacker to execute arbitrary binaries with the permissions of the Caldera server process, which could be disastrous if the server is running with elevated privileges.
Severity and Risk Assessment
The vulnerability has been assigned a critical severity rating by the MITRE Caldera team, with a CVSS (Common Vulnerability Scoring System) score of 10.0, indicating a high level of risk. The severity of this vulnerability is exacerbated by its widespread availability; any default configuration of Caldera, with the required dependencies (Go, Python, and GCC), is vulnerable to exploitation. Since GCC is a common dependency on many systems, including those running Caldera, this makes the vulnerability highly likely to be exploitable.
The MITRE Caldera team has urged all users to patch their systems immediately by upgrading to version 5.1.0 or later, as these versions contain fixes for the vulnerability. As always, the MITRE Caldera team has emphasized the importance of securing such tools and recommends that users do not expose Caldera instances to the internet unless absolutely necessary.
Impact and Exploitation
If left unpatched, CVE-2025-27364 could have serious consequences. An attacker who successfully exploits this vulnerability could gain full control over the Caldera server, potentially compromising sensitive data or using the server as a launchpad for further attacks on the network. The attacker could execute arbitrary code, install backdoors, or deploy additional agents that could be used for more advanced exploitation.
The vulnerability’s remote nature also means that attackers do not need direct access to the internal network, making it easier for them to exploit vulnerable instances exposed to the internet. This increases the attack surface and makes timely patching even more crucial.
Conclusion
In response to CVE-2025-27364, the MITRE Caldera team acted quickly to patch the vulnerability, incorporating changes to sanitize user-controlled data and prevent malicious exploitation via linker flags. They also acknowledged the contribution of Dawid Kulikowski, who reported the issue and supported the patching process
Users are urged to upgrade to version 5.1.0 or later and to avoid exposing Caldera instances to the internet unless necessary. This incident highlights the risks associated with open-source security tools like MITRE Caldera, highlighting the importance of input validation and security best practices to protect against cyber threats.
