exploitDog

CVE-2025-0712

Опубликовано: 30 июл. 2025

Источник: nvd

CVSS3: 7

EPSS Низкий

Описание

An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.

Ссылки

https://discuss.elastic.co/t/beats-windows-installer-9-1-0-security-update-esa-2025-12/380558

EPSS

Процентиль: 1%

0.0001

Низкий

7 High

CVSS3

Дефекты

CWE-427

Связанные уязвимости

GHSA-grvj-7p65-qc92

CVSS3: 7

github

5 дней назад

An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.

BDU:2025-09240

CVSS3: 7

fstec

6 дней назад

Уязвимость установщика агента для сборки и доставки данных в Elasticsearch или Logstash Elastic Beats, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 1%

0.0001

Низкий

7 High

CVSS3

Дефекты

CWE-427