GHSA-8cxg-mfhg-9j6r

Опубликовано: 01 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.6

Описание

A carefully crafted DLL, copied to

C:\ProgramData\Synaptics

folder, allows a local user to execute arbitrary code with elevated privileges during driver installation.

A carefully crafted DLL, copied to

C:\ProgramData\Synaptics

folder, allows a local user to execute arbitrary code with elevated privileges during driver installation.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2025-11772
https://www.synaptics.com/sites/default/files/2025-12/fingerprint-driver-co-installer-security-brief-2025-12-01.pdf

EPSS

Процентиль: 7%

0.00027

Низкий

6.6 Medium

CVSS3

CVE ID

CVE-2025-11772

Дефекты

CWE-427

Связанные уязвимости

CVE-2025-11772

CVSS3: 6.6

nvd

2 месяца назад

A carefully crafted DLL, copied to C:\ProgramData\Synaptics folder, allows a local user to execute arbitrary code with elevated privileges during driver installation.

EPSS

Процентиль: 7%

0.00027

Низкий

6.6 Medium

CVSS3

CVE ID

CVE-2025-11772

Дефекты

CWE-427