CVE-2025-10937

5.5 MEDIUM

Denial of Service

📋 TL;DR

This vulnerability in Oxford Nanopore's MinKNOW software allows local users to cause a denial-of-service by locking a temporary authentication token file during startup. This prevents the software from generating valid tokens and blocks sequencing operations. Systems running MinKNOW version 24.11 or earlier are affected.

💻 Affected Systems

Products:

• Oxford Nanopore MinKNOW

Versions: 24.11 and earlier

Operating Systems: All platforms running MinKNOW

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerable in default configurations where MinKNOW creates temporary files in world-writable directories.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:

1. Review the CVE details at NVD
2. Check vendor security advisories for your specific version
3. Test if the vulnerability is exploitable in your environment
4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete disruption of sequencing operations, preventing scientific research or diagnostic workflows from proceeding.

🟠

Likely Case

Temporary service interruption requiring manual intervention to resolve the file lock and restart the software.

🟢

If Mitigated

Minimal impact with proper access controls and monitoring in place to detect and prevent unauthorized local access.

🌐 Internet-Facing: LOW - This requires local system access and cannot be exploited remotely.

🏢 Internal Only: MEDIUM - Any local user or process with access to the system can cause service disruption, but requires specific timing during startup.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and precise timing during MinKNOW startup to lock the temporary file before it's moved.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version after 24.11

Vendor Advisory: https://nanoporetech.com/software/

Restart Required: No

Instructions:

1. Check current MinKNOW version. 2. Download and install the latest version from Oxford Nanopore's software portal. 3. Verify the update completed successfully.

🔧 Temporary Workarounds

Restrict directory permissions

all

Change permissions on the temporary directory to prevent unauthorized users from accessing or locking files

Copy

chmod 750 /path/to/minknow/temp/directory
chown minknow_user:minknow_group /path/to/minknow/temp/directory

🧯 If You Can't Patch

• Implement strict access controls to limit local user access to MinKNOW systems
• Monitor for unauthorized file locking attempts and implement process isolation

🔍 How to Verify

Check if Vulnerable:

Copy

Check MinKNOW version using the software interface or version command. If version is 24.11 or earlier, the system is vulnerable.

Check Version:

Copy

Check MinKNOW GUI or refer to installation logs for version information

Verify Fix Applied:

Copy

Verify MinKNOW version is greater than 24.11 and test that authentication token generation completes successfully during startup.

📡 Detection & Monitoring

Log Indicators:

• Failed authentication token generation
• File lock errors in MinKNOW logs
• Repeated startup failures

Network Indicators:

• No network indicators - this is a local file system attack

SIEM Query:

Copy

Search for 'authentication token generation failed' OR 'file lock' OR 'flock' in MinKNOW application logs

📊 Metadata

CVE ID: CVE-2025-10937

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-754

EPSS Score: 0.04% exploit probability (11.9th percentile)

Published: October 23, 2025

Last Updated: October 27, 2025

🔗 References

• https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsma-25-294-01.json
• https://nanoporetech.com/about/contact
• https://nanoporetech.com/software/
• https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-294-01

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-10937, you might also want to check these:

CVE-2026-24054 10.0

A vulnerability in Kata Containers allows malformed container images with no layers to cause the hos...

Same vulnerability type (CWE-754)

CVE-2021-0211 10.0

This vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows attackers to send specia...

Same vulnerability type (CWE-754)

CVE-2024-3729 9.8

This vulnerability in the Frontend Admin WordPress plugin allows unauthenticated attackers to manipu...

Same vulnerability type (CWE-754)