{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14551", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "state": "PUBLISHED", "assignerShortName": "canonical", "dateReserved": "2025-12-11T20:32:58.130Z", "datePublished": "2026-04-09T15:03:58.798Z", "dateUpdated": "2026-04-10T13:54:40.369Z"}, "containers": {"cna": {"title": "Senstive information disclosure was affecting subiquity", "affected": [{"vendor": "Canonical", "product": "Ubuntu", "platforms": ["Linux"], "collectionURL": "https://github.com/canonical", "packageName": "subiquity", "repo": "https://github.com/canonical/subiquity", "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "24.04.4", "versionType": "custom"}, {"status": "affected", "version": "0", "lessThanOrEqual": "25.10", "versionType": "custom"}, {"status": "affected", "version": "0", "lessThanOrEqual": "25.04", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "In Ubuntu, Subiquity version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, Subiquity could include certain user credentials, such as the user's plaintext Wi-Fi password, in the attached logs."}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-1258", "description": "CWE-1258 Exposure of sensitive system information due to uncleared debug information", "type": "CWE"}]}], "references": [{"url": "https://github.com/canonical/subiquity/pull/2358", "name": "noble backport - stop logging network config and identity data", "tags": ["patch", "issue-tracking"]}, {"url": "https://github.com/canonical/subiquity/pull/2357", "name": "Stop logging identity data and network secrets", "tags": ["patch", "issue-tracking"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "subConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "UNREPORTED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "LOW", "baseScore": 2.7, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:U"}}], "source": {"discovery": "INTERNAL"}, "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2026-04-09T15:03:58.798Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-10T13:53:25.206297Z", "id": "CVE-2025-14551", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T13:54:40.369Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-14551", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-10T13:53:25.206297Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T13:54:16.553Z"}}], "cna": {"title": "Senstive information disclosure was affecting subiquity", "source": {"discovery": "INTERNAL"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 2.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "LOW", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:U", "exploitMaturity": "UNREPORTED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/canonical/subiquity", "vendor": "Canonical", "product": "Ubuntu", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "24.04.4"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "25.10"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "25.04"}], "platforms": ["Linux"], "packageName": "subiquity", "collectionURL": "https://github.com/canonical", "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/canonical/subiquity/pull/2358", "name": "noble backport - stop logging network config and identity data", "tags": ["patch", "issue-tracking"]}, {"url": "https://github.com/canonical/subiquity/pull/2357", "name": "Stop logging identity data and network secrets", "tags": ["patch", "issue-tracking"]}], "descriptions": [{"lang": "en", "value": "In Ubuntu, Subiquity version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, Subiquity could include certain user credentials, such as the user's plaintext Wi-Fi password, in the attached logs."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1258", "description": "CWE-1258 Exposure of sensitive system information due to uncleared debug information"}]}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2026-04-09T15:03:58.798Z"}}}, "cveMetadata": {"cveId": "CVE-2025-14551", "state": "PUBLISHED", "dateUpdated": "2026-04-10T13:54:40.369Z", "dateReserved": "2025-12-11T20:32:58.130Z", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "datePublished": "2026-04-09T15:03:58.798Z", "assignerShortName": "canonical"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In Ubuntu, Subiquity version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, Subiquity could include certain user credentials, such as the user's plaintext Wi-Fi password, in the attached logs."}], "id": "CVE-2025-14551", "lastModified": "2026-04-09T16:16:23.890", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "UNREPORTED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security@ubuntu.com", "type": "Secondary"}]}, "published": "2026-04-09T16:16:23.890", "references": [{"source": "security@ubuntu.com", "url": "https://github.com/canonical/subiquity/pull/2357"}, {"source": "security@ubuntu.com", "url": "https://github.com/canonical/subiquity/pull/2358"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1258"}], "source": "security@ubuntu.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": ["linux"], "status": "affected", "versions": {"scheme": "generic", "value": "[0,24.04.4]"}}, {"platform": ["linux"], "status": "affected", "versions": {"scheme": "generic", "value": "[0,25.10]"}}, {"platform": ["linux"], "status": "affected", "versions": {"scheme": "generic", "value": "[0,25.04]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Ubuntu", "source": "cna", "vendor": "Canonical"}, "product": "ubuntu", "vendor": "canonical"}], "analysis": {"en": {"generated_at": "2026-04-09T16:21:25.919822+00:00", "value": {"mitigation_remediation": ["Update Subiquity to the latest patch or a newer release that fixes the crash\u2011report logging bug."], "summary": {"action": "Patch", "impact": "Sensitive information disclosure"}, "threat_synthesis": {"affected_systems": "Canonical\u2019s Ubuntu Subiquity installer, specifically version 24.04.4, is affected. Users running this release on Ubuntu installations are vulnerable when they submit crash reports following a failed installation.", "description_and_impact": "A flaw in Ubuntu Subiquity version 24.04.4 allows the application to include user credentials in crash reports sent to Launchpad. When an installation fails and the user submits a bug report, Subiquity may attach logs that contain the user's plaintext Wi\u2011Fi password. This results in a low\u2011severity information disclosure that compromises the confidentiality of user credentials but does not affect system integrity or availability.", "risk_and_exploitability": "The CVSS score of 2.7 classifies this issue as low severity, and no exploit probability data is available. The vulnerability can only be exploited by a user who voluntarily submits a crash report after a failure, so the attack vector is user\u2011initiated and unlikely to be used for widespread compromise. It is not listed in the CISA KEV catalog. Overall, the risk is minimal but should be mitigated promptly to prevent accidental disclosure of sensitive credentials."}}}}, "created": "2026-04-10T08:53:15.929521+00:00", "updated": "2026-04-10T09:32:28.551814+00:00", "vendors": ["canonical", "canonical$PRODUCT$ubuntu"]}