CVE-2025-46804 is a vulnerability classified under CWE-203 (Observable Discrepancy) that affects the Screen terminal multiplexer software, specifically older versions and version 5.0.0. Screen is often used to manage multiple terminal sessions on Unix-like systems and can be configured to run with setuid-root privileges to allow non-privileged users to access certain functionalities. This vulnerability results in a minor information leak whereby unprivileged users can deduce information about filesystem paths that would normally be inaccessible to them. The leak arises due to observable discrepancies in the behavior of Screen when running with elevated privileges, potentially revealing path information through side channels or error messages. The CVSS 3.1 base score is 3.3, indicating a low severity vulnerability. The attack vector requires local access (AV:L), low attack complexity (AC:L), and privileges (PR:L) but no user interaction (UI:N). The impact is limited to confidentiality (C:L) with no integrity or availability effects. There are no known exploits in the wild, and no patches have been linked yet. This vulnerability is primarily a privacy concern rather than a critical security risk, but it could be leveraged in combination with other vulnerabilities or for reconnaissance purposes by attackers with local access.

For European organizations, the impact of CVE-2025-46804 is relatively low but not negligible. Since the vulnerability allows unprivileged users to glean information about protected filesystem paths, it could aid attackers in mapping system layouts or identifying sensitive files, which may facilitate further attacks or privilege escalation attempts. Organizations with multi-user Unix/Linux environments where Screen is deployed with setuid-root privileges are most at risk. This includes academic institutions, research centers, hosting providers, and enterprises that rely on legacy or specific Screen versions for terminal multiplexing. The confidentiality breach could expose sensitive directory structures or configuration paths, potentially aiding targeted attacks or insider threats. However, the lack of integrity or availability impact and the requirement for local access limit the overall risk. European organizations with strict access controls and monitoring will mitigate the risk further. Nonetheless, awareness and remediation are important to prevent information leakage that could be exploited in complex attack chains.

To mitigate this vulnerability, European organizations should: 1) Identify and inventory all systems running vulnerable versions of Screen, especially those configured with setuid-root privileges. 2) Upgrade Screen to the latest patched version once available, or apply vendor-provided patches promptly. 3) Where possible, avoid running Screen with setuid-root privileges; instead, use alternative privilege management techniques such as capabilities or sudo with restricted commands. 4) Implement strict local user access controls and monitoring to detect unauthorized attempts to exploit this information leak. 5) Employ file system permissions and security modules (e.g., SELinux, AppArmor) to limit exposure of sensitive paths. 6) Educate system administrators about the risks of information leakage and encourage regular audits of privilege configurations. 7) If upgrading is not immediately feasible, consider disabling or restricting Screen usage for unprivileged users to reduce attack surface.