QwikSec

Security Database

CVE

CWE

Training

CVE-2025-9918

Published: Sep 11, 2025

Modified: Sep 11, 2025

PUBLISHED

Description

A Path Traversal vulnerability in the archive extraction component in Google SecOps SOAR Server (versions 6.3.54.0, 6.3.53.2, and all prior versions) allows an authenticated attacker with permissions to import Use Cases to achieve Remote Code Execution (RCE) via uploading a malicious ZIP archive containing path traversal sequences.

Vendor	Product	Versions
Google Cloud	Google SecOps SOAR	affected `0 - < 6.3.54.0` affected `0 - < 6.3.53.2`

Weaknesses (CWE)

References

https://cloud.google.com/support/bulletins?gcp-2025-049

vendor-advisory

https://cloud.google.com/chronicle/docs/security-bulletins#GCP-2025-049

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.