
CVE-2025-13532: CWE-916 Use of Password Hash With Insufficient Computational Effort in Fortra Core Privileged Access Manager (BoKS)

Severity: Medium
Tags: cve, cve-2025-13532, cwe-916
Published: Tue Dec 16 2025 (12/16/2025, 20:01:02 UTC)
Source: CVE Database V5
Vendor/Project: Fortra
Product: Core Privileged Access Manager (BoKS)

Description

Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain.

AI-Powered Analysis

AI Last updated: 12/16/2025, 20:16:32 UTC

Technical Analysis

CVE-2025-13532 identifies a vulnerability in the Server Agent component of Fortra's Core Privileged Access Manager (BoKS) version 9.0 when deployed in a BoKS 8.1 domain environment. The root cause is insecure default settings that permit the selection of weak password hash algorithms, specifically involving yescrypt support, which is intended as a modern password hashing scheme but here is configured with insufficient computational effort. This weakness falls under CWE-916, which concerns the use of password hashes that do not require adequate computational resources to resist brute-force or offline cracking attempts. The affected platforms include popular enterprise Linux distributions such as Debian 11 through 13, RedHat 9 and 10, and Ubuntu 24, indicating a broad Linux server footprint. The CVSS v3.1 base score is 6.2 (medium), reflecting that the attack vector is local (AV:L), with low attack complexity (AC:L), no privileges required (PR:N), and no user interaction (UI:N). The impact is primarily on confidentiality (C:H), with no direct impact on integrity or availability. Since the vulnerability involves password hashing defaults, an attacker with local access could potentially extract hashed passwords and perform offline cracking more efficiently due to the weak hashing parameters. No public exploits or patches are currently available, emphasizing the need for proactive configuration review and mitigation by administrators. This vulnerability highlights the importance of secure default configurations in privileged access management solutions, especially those managing critical credentials in enterprise environments.

Potential Impact

For European organizations, the primary impact of CVE-2025-13532 is the potential compromise of password confidentiality within privileged access management systems. Since BoKS is used to manage sensitive credentials and privileged accounts, weak password hashing increases the risk that an attacker with local access could obtain hashed passwords and crack them offline, leading to unauthorized access to critical systems. This could facilitate lateral movement, privilege escalation, and data breaches. The vulnerability does not directly affect system integrity or availability, but the loss of credential confidentiality can have cascading effects on overall security posture. Organizations in sectors with high regulatory requirements such as finance, healthcare, and government are particularly at risk due to the sensitive nature of privileged credentials. The affected Linux platforms are widely used in European data centers and enterprise environments, increasing the scope of exposure. Although exploitation requires local access, insider threats or attackers who have already gained limited footholds could leverage this vulnerability to escalate privileges. The absence of known exploits in the wild provides a window for mitigation before active attacks emerge.

Mitigation Recommendations

European organizations should immediately audit their Fortra Core Privileged Access Manager (BoKS) Server Agent 9.0 deployments running in BoKS 8.1 domains on affected Linux platforms to verify password hashing configurations. Administrators must ensure that password hash algorithms are configured with sufficient computational effort parameters, ideally using recommended modern hashing schemes with strong iteration counts or memory-hard functions. If yescrypt is used, verify that its parameters meet current best practices for resistance against brute-force attacks. Until official patches are released, consider applying configuration hardening or disabling weak hashing defaults where possible. Limit local access to BoKS Server Agent hosts through strict access controls, monitoring, and logging to detect unauthorized access attempts. Employ network segmentation and least privilege principles to reduce the risk of local attacker presence. Regularly update and patch Linux operating systems to minimize other attack vectors that could lead to local compromise. Additionally, implement multi-factor authentication and credential vaulting best practices to reduce reliance on password hashes alone. Engage with Fortra support for guidance and monitor for official patches or advisories. Finally, conduct regular security assessments and penetration tests focusing on privileged access management components to detect weaknesses proactively.
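The audit step above ("verify password hashing configurations" and "if yescrypt is used, verify that its parameters") can be made concrete with a small script. The following is an added example, not code from the advisory, from Fortra or from the BoKS product: it classifies crypt(3)-style password hash strings as found in a Linux `/etc/shadow` file, decodes the yescrypt cost parameters (`N`, `r`) from the `$y$` prefix using the same variable-length integer encoding yescrypt itself uses, and flags entries that use an algorithm with no real work factor (traditional DES, MD5-crypt) or a work factor below a threshold. The shadow-file format, the sample entries and all thresholds (`MIN_*`) are this example's own assumptions; the advisory does not say how BoKS stores hashes or which parameters it selects.

```python
"""Audit crypt(3)-style password hashes for insufficient computational effort (CWE-916).

Added example; assumes Linux /etc/shadow layout. Thresholds are assumptions, not advisory values.
"""
from dataclasses import dataclass
from typing import List, Tuple

# crypt(3) base64 alphabet, also used by yescrypt's parameter encoding
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

# Minimum work factors treated as acceptable (assumptions chosen for this example).
MIN_SHACRYPT_ROUNDS = 5000   # glibc's implicit default when rounds= is absent
MIN_BCRYPT_COST = 10
MIN_YESCRYPT_N_LOG2 = 12     # N = 2^12 blocks
MIN_YESCRYPT_R = 8

# Constructed sample shadow lines (salts/hashes are placeholders, not real credentials).
SAMPLE_SHADOW = """\
root:$y$j9T$c0nstructedSALT$c0nstructedHASHc0nstructedHASHc0nstructedHASHc0n:20000:0:99999:7:::
svc_boks:$6$rounds=1000$c0nstructedSALT$c0nstructedHASHc0nstructedHASH:20000:0:99999:7:::
legacy:c0nstructDES0:20000:0:99999:7:::
app:$1$c0nstrct$c0nstructedHASHc0nstru:20000:0:99999:7:::
ops:$2b$12$c0nstructedSALTc0nstructedHASHc0nstructedHASHc0nstru:20000:0:99999:7:::
nologin:!:20000:0:99999:7:::
"""


@dataclass
class Finding:
    user: str
    algorithm: str
    params: str
    weak: bool
    reason: str


def decode64_uint32(s: str, pos: int, minimum: int) -> Tuple[int, int]:
    """Decode one variable-length integer from a yescrypt parameter field.

    Mirrors yescrypt's decode64_uint32(): an index of 0..47 is a one-char value,
    larger indices spill into additional 6-bit chars. Returns (value, next_pos).
    """
    start, end, chars, bits = 0, 47, 1, 0
    c = ITOA64.index(s[pos]); pos += 1
    value = minimum
    while c > end:
        value += end + 1 - start
        start = end + 1
        end = start + (62 - end) * 32
        chars += 1
        bits += 6
    value += (c - start) << bits
    while chars > 1:
        chars -= 1
        bits -= 6
        c = ITOA64.index(s[pos]); pos += 1
        value += c << bits
    return value, pos


def classify(h: str) -> Tuple[str, str, bool, str]:
    """Return (algorithm, parameters, weak?, reason) for one hash field."""
    if h == "" or h.startswith(("!", "*")):
        return "locked/none", "", False, "no usable password hash"
    if not h.startswith("$"):
        if len(h) == 13:
            return "descrypt", "", True, "traditional DES crypt: no work factor, trivially crackable"
        return "unknown", "", True, "unrecognised format, review manually"
    fields = h.split("$")            # ['', id, param-or-salt, ...]
    if len(fields) < 3:
        return "unknown", "", True, "truncated hash string"
    ident = fields[1]
    if ident == "1":
        return "md5crypt", "", True, "MD5-crypt: fixed 1000 iterations, no memory hardness"
    if ident in ("5", "6"):
        name = "sha256crypt" if ident == "5" else "sha512crypt"
        rounds = MIN_SHACRYPT_ROUNDS if not fields[2].startswith("rounds=") \
            else int(fields[2][len("rounds="):])
        return name, f"rounds={rounds}", rounds < MIN_SHACRYPT_ROUNDS, \
            f"rounds below {MIN_SHACRYPT_ROUNDS}" if rounds < MIN_SHACRYPT_ROUNDS else "ok"
    if ident in ("2a", "2b", "2y"):
        try:
            cost = int(fields[2])
        except ValueError:
            return "bcrypt", fields[2], True, "could not parse bcrypt cost"
        return "bcrypt", f"cost={cost}", cost < MIN_BCRYPT_COST, \
            f"cost below {MIN_BCRYPT_COST}" if cost < MIN_BCRYPT_COST else "ok"
    if ident == "y":
        try:
            _flavor, pos = decode64_uint32(fields[2], 0, 0)   # flags/flavor, not checked here
            n_log2, pos = decode64_uint32(fields[2], pos, 1)
            r, _ = decode64_uint32(fields[2], pos, 1)
        except (ValueError, IndexError):
            return "yescrypt", fields[2], True, "could not decode yescrypt parameters"
        mem_mib = (128 * (1 << n_log2) * r) // (1024 * 1024)   # 128 * N * r bytes
        weak = n_log2 < MIN_YESCRYPT_N_LOG2 or r < MIN_YESCRYPT_R
        return "yescrypt", f"N=2^{n_log2} r={r} (~{mem_mib} MiB)", weak, \
            "yescrypt cost parameters below threshold" if weak else "ok"
    return "unknown", ident, True, "unrecognised hash identifier, review manually"


def audit_shadow(lines: List[str]) -> List[Finding]:
    """Classify every user:hash:... line; blank lines and comments are skipped."""
    findings = []
    for line in lines:
        if not line.strip() or line.startswith("#"):
            continue
        user, hash_field = line.split(":", 2)[:2]
        algorithm, params, weak, reason = classify(hash_field)
        findings.append(Finding(user, algorithm, params, weak, reason))
    return findings


def weak_users(findings: List[Finding]) -> List[str]:
    return [f.user for f in findings if f.weak]


if __name__ == "__main__":
    for f in audit_shadow(SAMPLE_SHADOW.splitlines()):
        print(f"{'WEAK ' if f.weak else 'ok   '} {f.user:10} {f.algorithm:12} {f.params:28} {f.reason}")
```

On the constructed sample, the `$y$j9T$` entry decodes to `N=2^12 r=32`, which is the libxcrypt default and about 16 MiB of memory per hash; the `$6$rounds=1000$`, DES and MD5-crypt entries are reported as weak. Run the same function over a real shadow file (or whatever store the agent writes) to confirm that no account has silently fallen back to a legacy algorithm.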


Technical Details

Data Version
5.2
Assigner Short Name
Fortra
Date Reserved
2025-11-21T21:04:44.245Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 6941bc63535cdcbc0ad63cbc

Added to database: 12/16/2025, 8:09:07 PM

Last enriched: 12/16/2025, 8:16:32 PM

Last updated: 12/17/2025, 4:18:17 AM

