CVE-2025-0628 identifies an incorrect privilege assignment vulnerability (CWE-266) in the BerriAI litellm application. Specifically, users assigned the 'internal_user_viewer' role are erroneously provisioned with API keys that grant them full administrative access, including endpoints that manage user data and administrative functions. This improper authorization flaw allows any user with this role to escalate their privileges to a PROXY ADMIN level, bypassing intended access controls. The vulnerability is remotely exploitable over the network (AV:N), requires low attack complexity (AC:L), and only low privileges (PR:L) but no user interaction (UI:N). The impact on confidentiality and integrity is high, as attackers can access sensitive user information and modify administrative settings. Availability impact is not significant. The vulnerability affects unspecified versions of litellm, and no patches or exploit code are currently publicly available. The flaw stems from a failure in enforcing least privilege principles during API key generation and role assignment, highlighting a critical security design oversight in the authorization mechanism of the application.

For European organizations, exploitation of this vulnerability could lead to unauthorized access to sensitive user data and administrative controls within the litellm application. This could result in data breaches, unauthorized user management, and potential manipulation or disruption of services relying on litellm. Organizations in sectors such as finance, healthcare, and government that use BerriAI products may face regulatory compliance violations under GDPR due to unauthorized data exposure. The ability to escalate privileges without user interaction increases the risk of automated or stealthy attacks, potentially compromising internal systems and sensitive information. Additionally, the breach of administrative functions could facilitate further lateral movement within networks, amplifying the overall security risk and operational impact.

1. Immediately audit all API keys issued to users with the 'internal_user_viewer' role and revoke any keys with excessive privileges. 2. Implement strict role-based access control (RBAC) policies ensuring that API keys are generated with the principle of least privilege, limiting access strictly to necessary endpoints. 3. Introduce multi-factor authentication (MFA) for administrative functions to add an additional security layer. 4. Monitor API usage logs for unusual access patterns, especially calls to administrative endpoints from accounts with viewer roles. 5. Engage with BerriAI to obtain patches or updates addressing this vulnerability as soon as they become available. 6. Conduct a thorough security review of authorization mechanisms within litellm and related applications to identify and remediate similar privilege assignment issues. 7. Educate internal teams about the risk and signs of privilege escalation attacks to enhance detection and response capabilities.