CVE-2025-20387 | Splunk Enterprise up to 9.2.9/9.3.7/9.4.5/10.0.1 on Windows Universal Forwarder permission assignment (SVD-2025-1206)

A vulnerability was found in Splunk Enterprise up to 9.2.9/9.3.7/9.4.5/10.0.1 on Windows. It has been classified as very critical. Affected by this vulnerability is an unknown functionality of the component Universal Forwarder. This manipulation causes incorrect permission assignment.

This vulnerability appears as CVE-2025-20387. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More