How severe is CVE-2025-67859?

The severity of CVE-2025-67859 has not been assessed with CVSS v3.

CVE-2025-67859

NONE

A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1.

Veröffentlicht: 1/14/2026Aktualisiert: 1/14/2026

Beschreibung

A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1.

KI-AnalyseKI-gestützt

Referenzen

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-67859
https://security.opensuse.org/2026/01/07/tlp-polkit-authentication-bypass.html