CVE-2025-3047

6.5 MEDIUM

Published: March 31, 2025 Modified: October 14, 2025

Description

When running the AWS Serverless Application Model Command Line Interface (SAM CLI) build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A user could leverage the elevated permissions to access restricted files via symlinks and copy them to a more permissive location on the container. Users should upgrade to v1.133.0 or newer and ensure any forked or derivative code is patched to incorporate the new fixes.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://aws.amazon.com/security/security-bulletins/AWS-2025-008/

Source: ff89ba41-3aa1-4d27-914a-91399e9639e5

https://github.com/aws/aws-sam-cli/releases/tag/v1.134.0

Source: ff89ba41-3aa1-4d27-914a-91399e9639e5

https://github.com/aws/aws-sam-cli/security/advisories/GHSA-px37-jpqx-97q9

Source: ff89ba41-3aa1-4d27-914a-91399e9639e5

3 reference(s) from NVD

Quick Stats

CVSS v3 Score

6.5 / 10.0

EPSS (Exploit Probability)

0.0%

7th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-61

Related CVEs

CVE-2025-69261 N/A

CVE-2025-69257 6.7

CVE-2025-69210 N/A

CVE-2025-66823 N/A

CVE-2025-50343 N/A