CVE-2025-64507 - Incus Container Manager Privilege Escalation
Category:Vulnerabilities & Exploits
CVE-2025-64507 affects Incus container manager, allowing local users to escalate privileges via the incus-user helper (T1068). Debian DSA-6051-1 fixes this in 6.0.4-2+deb13u2. Attackers can gain full host control from container contexts, compromising isolation in CI/CD and multi-tenant environments.
CORTEX Protocol Intelligence Assessment
Business Impact: Breaks container isolation, exposing workloads on affected hosts. Technical Context: Arises from insufficient separation in incus-user helper. Maps to T1068.
Strategic Intelligence Guidance
- Upgrade to patched Incus versions (≥6.0.6).
- Audit incus-user access groups.
- Monitor for anomalous Incus operations.
- Segment CI/CD and production clusters.
CVEs
Vendors
Threats
Targets
Intelligence Source: CVE-2025-64507 - Incus Container Manager Privilege Escalation | Nov 11, 2025