CVE-2025-27093 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2025-27093 Interim 1 1 2025-12-23T00:40:56Z current 2025-12-23T00:40:56Z 2025-12-23T00:40:56Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2025-27093 Sliver is a command and control framework that uses a custom Wireguard netstack. In versions 1.5.43 and earlier, and in development version 1.6.0-dev, the netstack does not limit traffic between Wireguard clients. This allows clients to communicate with each other unrestrictedly, potentially enabling leaked or recovered keypairs to be used to attack operators or allowing port forwardings to be accessible from other implants. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed govulncheck-vulndb-0.0.20251105T184115-1.1 govulncheck-vulndb-0.0.20251105T184115-1.1 as a component of openSUSE Tumbleweed Sliver is a command and control framework that uses a custom Wireguard netstack. In versions 1.5.43 and earlier, and in development version 1.6.0-dev, the netstack does not limit traffic between Wireguard clients. This allows clients to communicate with each other unrestrictedly, potentially enabling leaked or recovered keypairs to be used to attack operators or allowing port forwardings to be accessible from other implants. CVE-2025-27093 openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1 moderate