CVE-2025-50674: n/a
An issue was discovered in the changePassword method in file /usr/share/php/openmediavault/system/user.inc in OpenMediaVault 7.4.17 allowing local authenticated attackers to escalate privileges to root.
AI Analysis
Technical Summary
CVE-2025-50674 is a high-severity vulnerability identified in OpenMediaVault version 7.4.17, specifically within the changePassword method located in the /usr/share/php/openmediavault/system/user.inc file. OpenMediaVault is a popular open-source network-attached storage (NAS) solution widely used for managing storage servers. The vulnerability allows a local authenticated attacker—meaning someone with valid user credentials but limited privileges—to escalate their privileges to root, the highest level of access on the system. This escalation occurs due to improper input validation or authorization checks (as indicated by CWE-20: Improper Input Validation and CWE-269: Improper Privilege Management) in the password change functionality. The CVSS v3.1 base score is 7.8, reflecting a high impact on confidentiality, integrity, and availability, with low attack complexity and no user interaction required. The attacker only needs local access and valid credentials, which could be obtained through other means or insider threat scenarios. Exploiting this flaw would allow the attacker to gain full control over the NAS device, potentially leading to unauthorized data access, data manipulation, or disruption of storage services. No public exploits are currently known, and no patches have been linked yet, indicating the need for vigilance and proactive mitigation by administrators.
Potential Impact
For European organizations, especially those relying on OpenMediaVault for critical storage infrastructure, this vulnerability poses a significant risk. The ability for a local authenticated user to gain root privileges can lead to full system compromise, exposing sensitive data stored on the NAS, including personal data protected under GDPR. This could result in data breaches, regulatory fines, operational downtime, and reputational damage. Organizations in sectors such as finance, healthcare, research, and government that use OpenMediaVault for file sharing or backup solutions are particularly vulnerable. The threat is exacerbated in environments where multiple users have access to the NAS system, increasing the attack surface. Additionally, given the centralized nature of NAS devices, a successful exploit could facilitate lateral movement within the network, further compromising enterprise assets.
Mitigation Recommendations
Administrators should immediately review user access policies to minimize the number of users with local authenticated access to OpenMediaVault systems. Implement strict access controls and monitor user activities for suspicious behavior. Until an official patch is released, consider isolating OpenMediaVault servers from untrusted users and networks, and restrict access to trusted administrators only. Employ multi-factor authentication (MFA) where possible to reduce the risk of credential compromise. Regularly audit system logs for unauthorized password change attempts or privilege escalations. Back up critical data frequently and verify backup integrity to enable recovery in case of compromise. Stay informed on vendor advisories for patches or updates addressing this vulnerability and apply them promptly once available. If feasible, consider temporarily disabling the password change functionality or restricting it to highly trusted users until a fix is deployed.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2025-06-16T00:00:00.000Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 68a88da0ad5a09ad001ff890
Added to database: 8/22/2025, 3:32:48 PM
Last enriched: 8/30/2025, 12:56:47 AM
Last updated: 10/7/2025, 1:49:54 PM