PatchSiren cyber security CVE debrief
CVE-2025-60946 Census CVE debrief
CVE-2025-60946 is a high-severity path traversal vulnerability in Census CSWeb 8.0.1. An authenticated attacker could access unintended file directories. The issue was fixed in version 8.1.0 alpha. The CVE record lists a CVSS score of 8.8 (High). The CISA CSAF source item describes the vulnerability, the affected products, and the remediation steps.
- Vendor: Census
- Product: CSWeb
- CVSS: HIGH 8.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-02-23
- Original CVE updated: 2026-02-23
- Advisory published: 2026-02-23
- Advisory updated: 2026-02-23
Who should care
Organizations using Census CSWeb 8.0.1 should prioritize patching to prevent potential exploitation. Security teams and administrators responsible for maintaining Census CSWeb installations should be aware of this vulnerability and take immediate action to mitigate the risk. Additionally, developers and security researchers interested in understanding the vulnerability and its implications may also find this information valuable.
Technical summary
CVE-2025-60946 is a path traversal vulnerability in Census CSWeb 8.0.1 that allows an authenticated attacker to access unintended file directories. The vulnerability is caused by arbitrary file path input. The issue was fixed in version 8.1.0 alpha. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H: network attack vector, low attack complexity, low privileges required, no user interaction, unchanged scope, and high impact on confidentiality, integrity, and availability.
Defensive priority
High priority should be given to patching Census CSWeb installations to prevent potential exploitation. Security teams should verify that their installations are updated to version 8.1.0 alpha or later.
Recommended defensive actions
- Patch Census CSWeb installations to version 8.1.0 alpha or later.
- Verify that Census CSWeb installations are updated to version 8.1.0 alpha or later.
- Monitor Census CSWeb installations for potential exploitation attempts.
- Review and update security policies and procedures to ensure that Census CSWeb installations are properly secured.
- Conduct a thorough risk assessment to identify potential vulnerabilities and prioritize remediation efforts.
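The monitoring action above can start from the web server's access log. The following is an added example, not code from Census, CISA, or this page's sources: it flags requests whose target contains a `..` segment after repeated percent-decoding. The log lines are constructed and the `/csweb/example/files` path and `path` parameter are hypothetical, since the page does not name the affected endpoint.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (combined log format). The request paths
# are hypothetical: the page does not name the affected CSWeb endpoint.
SAMPLE_LOG = """\
198.51.100.7 - alice [23/Feb/2026:10:01:12 +0000] "GET /csweb/example/files?path=reports/2025.csv HTTP/1.1" 200 512
198.51.100.9 - bob [23/Feb/2026:10:02:40 +0000] "GET /csweb/example/files?path=../../config/settings HTTP/1.1" 200 2048
198.51.100.9 - bob [23/Feb/2026:10:02:55 +0000] "GET /csweb/example/files?path=%252e%252e%252fconfig HTTP/1.1" 403 0
198.51.100.9 - bob [23/Feb/2026:10:03:10 +0000] "GET /csweb/example/files?path=..%5c..%5cconfig HTTP/1.1" 404 0
198.51.100.4 - carol [23/Feb/2026:10:04:00 +0000] "GET /csweb/example/files?path=notes..v2.txt HTTP/1.1" 200 90
"""

LINE_RE = re.compile(r'^(\S+) \S+ (\S+) \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
SPLIT_RE = re.compile(r"[/\\?&=;]")  # path and query separators, either slash

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so double-encoded input is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def has_traversal(target):
    """True if any path or parameter segment is exactly '..' after decoding."""
    return ".." in SPLIT_RE.split(fully_decode(target))

def find_traversal_requests(log_text):
    """Return (client, user, status, target) for each request with a '..' segment."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and has_traversal(m.group(4)):
            client, user, _method, target, status = m.groups()
            hits.append((client, user, int(status), target))
    return hits

if __name__ == "__main__":
    for client, user, status, target in find_traversal_requests(SAMPLE_LOG):
        # A 2xx status on a flagged request deserves the first look.
        print(f"{user}@{client} status={status} target={target}")
```

Because the issue requires authentication, the logged user name ties each flagged request to an account that can be reviewed or suspended.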
Evidence notes
The source item from CISA CSAF provides detailed information about the vulnerability, including its description, affected products, and remediation steps. The CVE record and NVD detail provide additional information about the vulnerability, including its CVSS score and vector. The source references provide additional context and information about the vulnerability.
Official resources
- CVE-2025-60946 CVE record (CVE.org)
- CVE-2025-60946 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
- Source reference (Reference)
This article is AI-assisted and based on the supplied source corpus.