2025-12-18 20:32:21
cisa-cg
PUBLISHED
BullWall Ransomware Containment supports configurable file and directory exclusions such as $RECYCLE.BIN to balance monitoring scope and performance. Certain exclusion patterns could allow an authenticated attacker to rename directories in a way that avoids monitoring. Fixed in 4.6.1.14 and 5.0.0.42, which remove hardcoded exclusion behavior and exposes exclusion handling as configurable settings.