CVE-2025-46803 is a vulnerability classified under CWE-276 (Incorrect Default Permissions) affecting version 5.0 of the Screen utility, a terminal multiplexer commonly used in Unix-like operating systems. The issue arises from a change in the default permission mode of pseudo terminals (PTYs) allocated by Screen. Previously, the PTYs were created with permissions set to 0620, which restricts write access to the owner and group. However, this was changed to 0622, which grants write permissions to all users on the system. This misconfiguration allows any user to write to any Screen PTY device, potentially enabling unauthorized users to inject input or commands into other users' terminal sessions. The vulnerability has a CVSS v3.1 score of 5.0, indicating a medium severity level. The vector metrics indicate that the attack requires local access (AV:L), low attack complexity (AC:L), low privileges (PR:L), and user interaction (UI:R). The impact is limited to integrity (I:H), with no confidentiality or availability impact. No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability could be exploited by a local attacker with some privileges to interfere with other users' terminal sessions, potentially leading to command injection or session hijacking scenarios.

For European organizations, the impact of CVE-2025-46803 can be significant in environments where Screen is used extensively, especially in multi-user systems such as shared servers, development environments, or hosting providers. The ability for a low-privileged user to write to another user's terminal session can lead to unauthorized command execution, data manipulation, or disruption of workflows. This undermines the integrity of terminal sessions and could facilitate lateral movement or privilege escalation if combined with other vulnerabilities or misconfigurations. Organizations in sectors with strict data integrity requirements, such as finance, healthcare, and critical infrastructure, may face increased risks. Additionally, compliance with regulations like GDPR could be impacted if this vulnerability leads to unauthorized access or manipulation of sensitive data. Although the vulnerability does not directly affect confidentiality or availability, the integrity compromise could have cascading effects on operational security and trustworthiness of systems.

To mitigate CVE-2025-46803, organizations should: 1) Immediately audit the permissions of PTYs allocated by Screen on all affected systems, verifying that they are not set to overly permissive modes such as 0622. 2) Manually revert the PTY permissions to a more restrictive mode (e.g., 0620 or stricter) using system configuration or startup scripts until an official patch is released. 3) Restrict local user access to systems running Screen, limiting the number of users who can log in and use Screen sessions. 4) Monitor terminal sessions for unusual activity that could indicate unauthorized input injection. 5) Implement strict user privilege separation and consider using alternative terminal multiplexers that do not exhibit this vulnerability. 6) Stay updated with vendor advisories and apply official patches as soon as they become available. 7) Employ host-based intrusion detection systems (HIDS) to detect anomalous writes to PTYs. 8) Educate system administrators about the risks of incorrect PTY permissions and enforce secure configuration baselines.