Splunk security advisory (AV25-168)

Serial number: AV25-168
Date: March 27, 2025

On March 26, 2025, Splunk published a security advisory to address a vulnerability in the following products:

  • Splunk Enterprise – versions prior to 9.4.0, 9.3.3, 9.2.5 and 9.1.8
  • Splunk Cloud Platform – versions prior to 9.3.2408.104, 9.2.2406.108, 9.2.2403.114 and 9.1.2312.208

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

Splunk - Remote Code Execution through file upload to “$SPLUNK_HOME/var/run/splunk/apptemp” directory in Splunk Enterprise - CVE-2025-20229

Date modified: