
Security researchers have identified a critical remote code execution vulnerability in MITRE Caldera, a widely used adversary emulation platform. The vulnerability, tracked as CVE-2025-27364 and assigned the highest possible CVSS score of 10, affects all versions of Caldera prior to commit 35bc06e.
According to the security advisory, the vulnerability stems from the dynamic compilation functionality of Caldera's Manx and Sandcat agents. The flaw exists in an unauthenticated HTTP endpoint that handles agent compilation, allowing attackers to pass malicious parameters during the build process.
Security researcher Dawid Kulikowski, who discovered and reported the vulnerability, detailed how attackers can exploit this flaw by manipulating the Go compiler's linker flags. The exploit specifically targets the "-extld" and "-extldflags" options, which control external linker behavior.
"All versions of MITRE Caldera are vulnerable to a remote code execution vulnerability that can be triggered in most default configurations," explains Kulikowski in his technical report. "The only preconditions for this vulnerability to be exploitable are the presence of Go, Python, and GCC on the system that the Caldera server is running on."
The exploitation method involves abusing GCC's "-wrapper" flag, which allows attackers to specify arbitrary programs to be executed during the compilation process. By crafting specific HTTP requests to the Caldera server, attackers can execute commands without authentication.
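As an added example (not code from the advisory or from the Caldera project), the check below is what a defender could run over web-server access logs while triaging exposed instances: it flags requests whose decoded query values carry the external-linker or wrapper options the advisory names. The request path and parameter names in the sample log lines are constructed placeholders, not Caldera's real endpoint.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Options named in the advisory: the Go linker flags that hand control to an
# external linker, and the GCC flag that runs an arbitrary wrapper program.
TOKEN_RE = re.compile(r"(?<![\w-])(-extld(?:flags)?|-wrapper)(?=[=\s]|$)")


def suspicious_values(request_target: str) -> list[str]:
    """Return decoded query values of an HTTP request target that contain an
    external-linker or wrapper option. Decoding is repeated so that
    double-encoded values do not slip past the check."""
    hits = []
    for _, value in parse_qsl(urlsplit(request_target).query, keep_blank_values=True):
        decoded = value
        for _ in range(3):  # tolerate double/triple URL-encoding
            nxt = unquote(decoded)
            if nxt == decoded:
                break
            decoded = nxt
        if TOKEN_RE.search(decoded):
            hits.append(decoded)
    return hits


def scan_access_log(lines):
    """Yield (line_no, matches) for combined-format access log lines whose
    request target carries a suspicious parameter value."""
    req_re = re.compile(r'"(?:GET|POST) (\S+) HTTP/')
    for n, line in enumerate(lines, 1):
        m = req_re.search(line)
        if m:
            hits = suspicious_values(m.group(1))
            if hits:
                yield n, hits


# Constructed sample lines; the path and parameter names are hypothetical.
SAMPLE_LOG = [
    '10.0.0.5 - - [24/Feb/2025:10:00:00 +0000] "GET /api/agent?platform=linux HTTP/1.1" 200 512',
    '10.0.0.9 - - [24/Feb/2025:10:00:05 +0000] "GET /api/agent?platform=linux&opts=-extldflags%3D-wrapper HTTP/1.1" 200 512',
    '10.0.0.9 - - [24/Feb/2025:10:00:09 +0000] "GET /api/agent?opts=%252Dextld HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for n, hits in scan_access_log(SAMPLE_LOG):
        print(f"line {n}: suspicious values {hits}")
```

A hit on an unauthenticated request is a strong signal to check the server's build artifacts and to confirm the instance is at v5.1.0+ / commit 35bc06e.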
The MITRE Caldera team has patched the vulnerability in the latest versions of the platform (v5.1.0+ and commit 35bc06e). Users are strongly advised to update immediately, as the researcher noted that a Metasploit module is already in development to further weaponize this vulnerability.
Organizations using MITRE Caldera are also recommended to avoid exposing their instances to the internet, as this significantly increases the risk of exploitation.
The advisory specifically warns that even though some details were intentionally omitted from the proof-of-concept, determined attackers could still exploit the vulnerability by examining Caldera's source code.