rootio-linux: Unauthenticated Code Execution via Malicious Network Request

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

rootio-linux: Unauthenticated Code Execution via Malicious Network Request

ROOT-OS-DEBIAN-13-CVE-2025-40247

Summary

A security patch has been released for rootio-linux, which fixes a vulnerability that allows an attacker to execute malicious code on a system without needing a password. This affects all users of rootio-linux, especially those who interface with the software over a network. Users are advised to update their rootio-linux installation to the latest patched version.

What to do

Update rootio-linux to version 6.12.63-1.root.io.64.

Affected software

Vendor	Product	Affected versions	Fix available
–	rootio-linux	<= 6.12.63-1.root.io.64	6.12.63-1.root.io.64

Original title

CVE-2025-40247 in rootio-linux - Patched by Root

Original description

Root has patched CVE-2025-40247 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available.

Published: 6 Mar 2026 · Updated: 6 Mar 2026 · First seen: 6 Mar 2026