CWE-426
Allowed-with-ReviewUntrusted Search Path
Abstraction: Base · Status: Stable
The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.
892 vulnerabilities reference this CWE, most recent first.
CVE-2025-4532 (GCVE-0-2025-4532)
Vulnerability from cvelistv5 – Published: 2025-05-11 06:00 – Updated: 2025-05-12 13:45| URL | Tags |
|---|---|
| https://vuldb.com/?id.308277 | vdb-entry |
| https://vuldb.com/?ctiid.308277 | signaturepermissions-required |
| https://vuldb.com/?submit.566141 | third-party-advisory |
| https://www.yuque.com/ba1ma0-an29k/nnxoap/ey9gzmp… | broken-linkexploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Shanghai Bairui Information Technology | SunloginClient |
Affected:
15.8.3.19819
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4532",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-12T13:45:03.001317Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-12T13:45:39.723Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SunloginClient",
"vendor": "Shanghai Bairui Information Technology",
"versions": [
{
"status": "affected",
"version": "15.8.3.19819"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ba1_Ma0 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Shanghai Bairui Information Technology SunloginClient 15.8.3.19819. This affects an unknown part in the library process.dll of the file sunlogin_guard.exe. The manipulation leads to uncontrolled search path. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Shanghai Bairui Information Technology SunloginClient 15.8.3.19819 entdeckt. Sie wurde als kritisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion in der Bibliothek process.dll der Datei sunlogin_guard.exe. Mit der Manipulation mit unbekannten Daten kann eine uncontrolled search path-Schwachstelle ausgenutzt werden. Der Angriff muss lokal erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig auszunutzen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6,
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-11T06:00:10.356Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-308277 | Shanghai Bairui Information Technology SunloginClient sunlogin_guard.exe uncontrolled search path",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.308277"
},
{
"name": "VDB-308277 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.308277"
},
{
"name": "Submit #566141 | Shanghai Bairui Information Technology Co., Ltd SunloginClient 15.8.3.19819 privilege escalation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.566141"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://www.yuque.com/ba1ma0-an29k/nnxoap/ey9gzmpiqfltiici?singleDoc"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-05-10T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-05-10T07:51:31.000Z",
"value": "VulDB entry last update"
}
],
"title": "Shanghai Bairui Information Technology SunloginClient sunlogin_guard.exe uncontrolled search path"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-4532",
"datePublished": "2025-05-11T06:00:10.356Z",
"dateReserved": "2025-05-10T05:46:04.874Z",
"dateUpdated": "2025-05-12T13:45:39.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4525 (GCVE-0-2025-4525)
Vulnerability from cvelistv5 – Published: 2025-05-10 22:31 – Updated: 2025-05-12 14:39| URL | Tags |
|---|---|
| https://vuldb.com/?id.308270 | vdb-entry |
| https://vuldb.com/?ctiid.308270 | signaturepermissions-required |
| https://vuldb.com/?submit.562788 | third-party-advisory |
| https://gist.github.com/shellkraft/ac4be6a3953e28… | exploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4525",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-12T14:39:07.558654Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-12T14:39:10.569Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://gist.github.com/shellkraft/ac4be6a3953e2889a7bf54aea2db88c2"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Discord",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.0.9188"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "shellkraft (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in Discord 1.0.9188 on Windows. Affected by this issue is some unknown functionality in the library WINSTA.dll. The manipulation leads to uncontrolled search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine kritische Schwachstelle wurde in Discord 1.0.9188 f\u00fcr Windows entdeckt. Davon betroffen ist unbekannter Code in der Bibliothek WINSTA.dll. Mittels Manipulieren mit unbekannten Daten kann eine uncontrolled search path-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6,
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-10T22:31:05.153Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-308270 | Discord WINSTA.dll uncontrolled search path",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.308270"
},
{
"name": "VDB-308270 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.308270"
},
{
"name": "Submit #562788 | Discord 1.0.9188 Uncontrolled Search Path",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.562788"
},
{
"tags": [
"exploit"
],
"url": "https://gist.github.com/shellkraft/ac4be6a3953e2889a7bf54aea2db88c2"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-05-10T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-05-10T07:28:37.000Z",
"value": "VulDB entry last update"
}
],
"title": "Discord WINSTA.dll uncontrolled search path"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-4525",
"datePublished": "2025-05-10T22:31:05.153Z",
"dateReserved": "2025-05-10T05:23:23.132Z",
"dateUpdated": "2025-05-12T14:39:10.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4455 (GCVE-0-2025-4455)
Vulnerability from cvelistv5 – Published: 2025-05-09 02:31 – Updated: 2025-05-09 03:33| URL | Tags |
|---|---|
| https://vuldb.com/?id.308069 | vdb-entry |
| https://vuldb.com/?ctiid.308069 | signaturepermissions-required |
| https://vuldb.com/?submit.562440 | third-party-advisory |
| https://gist.github.com/shellkraft/d7db265b53115d… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Patch My PC | Home Updater |
Affected:
5.1.0
Affected: 5.1.1 Affected: 5.1.2 Affected: 5.1.3.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4455",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-09T03:33:20.223418Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T03:33:59.816Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Home Updater",
"vendor": "Patch My PC",
"versions": [
{
"status": "affected",
"version": "5.1.0"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1.2"
},
{
"status": "affected",
"version": "5.1.3.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "shellkraft (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Patch My PC Home Updater up to 5.1.3.0. It has been rated as critical. This issue affects some unknown processing in the library advapi32.dll/BCrypt.dll/comctl32.dll/crypt32.dll/dwmapi.dll/gdi32.dll/gdiplus.dll/imm32.dll/iphlpapi.dll/kernel32.dll/mscms.dll/msctf.dll/ntdll.dll/ole32.dll/oleaut32.dll/PresentationNative_cor3.dll/secur32.dll/shcore.dll/shell32.dll/sspicli.dll/System.IO. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in Patch My PC Home Updater bis 5.1.3.0 ausgemacht. Sie wurde als kritisch eingestuft. Hierbei geht es um eine nicht exakt ausgemachte Funktion in der Bibliothek advapi32.dll/BCrypt.dll/comctl32.dll/crypt32.dll/dwmapi.dll/gdi32.dll/gdiplus.dll/imm32.dll/iphlpapi.dll/kernel32.dll/mscms.dll/msctf.dll/ntdll.dll/ole32.dll/oleaut32.dll/PresentationNative_cor3.dll/secur32.dll/shcore.dll/shell32.dll/sspicli.dll/System.IO. Durch die Manipulation mit unbekannten Daten kann eine uncontrolled search path-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Die Ausnutzbarkeit gilt als schwierig. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6,
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T02:31:04.290Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-308069 | Patch My PC Home Updater System.IO uncontrolled search path",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.308069"
},
{
"name": "VDB-308069 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.308069"
},
{
"name": "Submit #562440 | Patch My Pc Patch My PC Home Updater \u003c=5.1.3.0 Uncontrolled Search Path",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.562440"
},
{
"tags": [
"exploit"
],
"url": "https://gist.github.com/shellkraft/d7db265b53115d52a4ca5bffe5e9c6e4"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-05-08T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-05-08T20:57:03.000Z",
"value": "VulDB entry last update"
}
],
"title": "Patch My PC Home Updater System.IO uncontrolled search path"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-4455",
"datePublished": "2025-05-09T02:31:04.290Z",
"dateReserved": "2025-05-08T18:51:56.627Z",
"dateUpdated": "2025-05-09T03:33:59.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4272 (GCVE-0-2025-4272)
Vulnerability from cvelistv5 – Published: 2025-05-05 11:00 – Updated: 2025-05-05 12:32| URL | Tags |
|---|---|
| https://vuldb.com/?id.307376 | vdb-entry |
| https://vuldb.com/?ctiid.307376 | signaturepermissions-required |
| https://vuldb.com/?submit.563468 | third-party-advisory |
| https://www.yuque.com/ba1ma0-an29k/nnxoap/bhd5ckq… | related |
| https://drive.google.com/file/d/1VKhLyW0oglACkt-5… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Mechrevo | Control Console |
Affected:
1.0.2.70
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4272",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-05T12:32:38.631177Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T12:32:51.133Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"GCUService"
],
"product": "Control Console",
"vendor": "Mechrevo",
"versions": [
{
"status": "affected",
"version": "1.0.2.70"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ba1_Ma0 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Mechrevo Control Console 1.0.2.70. It has been rated as critical. Affected by this issue is some unknown functionality in the library C:\\Program Files\\OEM\\MECHREVO Control Center\\UniwillService\\MyControlCenter\\csCAPI.dll of the component GCUService. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "Eine kritische Schwachstelle wurde in Mechrevo Control Console 1.0.2.70 ausgemacht. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion in der Bibliothek C:\\Program Files\\OEM\\MECHREVO Control Center\\UniwillService\\MyControlCenter\\csCAPI.dll der Komponente GCUService. Durch die Manipulation mit unbekannten Daten kann eine uncontrolled search path-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6,
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T11:00:07.406Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-307376 | Mechrevo Control Console GCUService csCAPI.dll uncontrolled search path",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.307376"
},
{
"name": "VDB-307376 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.307376"
},
{
"name": "Submit #563468 | MECHREVO Control Console 1.0.2.70 Elevation Of Privilege",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.563468"
},
{
"tags": [
"related"
],
"url": "https://www.yuque.com/ba1ma0-an29k/nnxoap/bhd5ckqugggmpttp?singleDoc"
},
{
"tags": [
"exploit"
],
"url": "https://drive.google.com/file/d/1VKhLyW0oglACkt-5PgTtN9oRB2jMczeh/view?usp=sharing"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-05-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-05-05T12:56:07.000Z",
"value": "VulDB entry last update"
}
],
"title": "Mechrevo Control Console GCUService csCAPI.dll uncontrolled search path"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-4272",
"datePublished": "2025-05-05T11:00:07.406Z",
"dateReserved": "2025-05-04T18:28:23.181Z",
"dateUpdated": "2025-05-05T12:32:51.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2501 (GCVE-0-2025-2501)
Vulnerability from cvelistv5 – Published: 2025-05-30 19:14 – Updated: 2026-02-26 18:27- CWE-426 - Untrusted Search Path
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo | PC Manager |
Affected:
0 , < 5.1.110.5082
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2501",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T03:55:13.342417Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:27:50.105Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PC Manager",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "5.1.110.5082",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lenovo:pc_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.1.110.5082",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn untrusted search path vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges.\u003c/span\u003e"
}
],
"value": "An untrusted search path vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426: Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T19:14:14.040Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/428586"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate PC Manager to version 5.1.110.5082 or later.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Update PC Manager to version 5.1.110.5082 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2025-2501",
"datePublished": "2025-05-30T19:14:14.040Z",
"dateReserved": "2025-03-18T14:58:48.759Z",
"dateUpdated": "2026-02-26T18:27:50.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1804 (GCVE-0-2025-1804)
Vulnerability from cvelistv5 – Published: 2025-03-01 18:31 – Updated: 2025-03-07 19:52| URL | Tags |
|---|---|
| https://vuldb.com/?id.298040 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.298040 | signaturepermissions-required |
| https://vuldb.com/?submit.485034 | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Blizzard | Battle.Net |
Affected:
2.39.0.15212
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1804",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-03T17:16:33.571072Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-03T20:34:06.747Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Battle.Net",
"vendor": "Blizzard",
"versions": [
{
"status": "affected",
"version": "2.39.0.15212"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Fergod (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Blizzard Battle.Net up to 2.39.0.15212 on Windows and classified as critical. Affected by this issue is some unknown functionality in the library profapi.dll. The manipulation leads to uncontrolled search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor assigns this issue a low risk level."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in Blizzard Battle.Net bis 2.39.0.15212 f\u00fcr Windows gefunden. Sie wurde als kritisch eingestuft. Davon betroffen ist unbekannter Code in der Bibliothek profapi.dll. Mittels Manipulieren mit unbekannten Daten kann eine uncontrolled search path-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6,
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-07T19:52:42.595Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-298040 | Blizzard Battle.Net profapi.dll uncontrolled search path",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.298040"
},
{
"name": "VDB-298040 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.298040"
},
{
"name": "Submit #485034 | Blizzard Battle.net 2.39.0.15212 Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.485034"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-01T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-03-01T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-03-07T20:57:38.000Z",
"value": "VulDB entry last update"
}
],
"title": "Blizzard Battle.Net profapi.dll uncontrolled search path"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-1804",
"datePublished": "2025-03-01T18:31:04.185Z",
"dateReserved": "2025-03-01T00:12:16.028Z",
"dateUpdated": "2025-03-07T19:52:42.595Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1756 (GCVE-0-2025-1756)
Vulnerability from cvelistv5 – Published: 2025-02-27 15:28 – Updated: 2025-02-27 16:06- CWE-426 - Untrusted Search Path
| URL | Tags |
|---|---|
| https://jira.mongodb.org/browse/MONGOSH-2028 | |
| https://access.redhat.com/errata/RHSA-2025:1756 | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| MongoDB Inc | mongosh |
Affected:
0 , < 2.3.0
(custom)
cpe:2.3:a:mongodb:mongosh:0.2.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.3.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.4.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.4.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.5.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.5.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.6.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.7.7:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.8.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.8.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.8.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.9.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.10.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.10.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.11.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.12.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.12.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.13.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.14.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.15.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.15.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:0.15.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.0.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.0.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.0.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.0.6:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.0.7:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.1.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.1.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.1.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.1.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.1.6:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.1.7:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.1.8:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.1.9:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.2.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.2.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.2.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.3.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.4.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.4.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.5.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.5.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.5.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.5.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.5.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.6.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.6.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.6.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.7.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.7.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.8.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.8.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.90:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.91:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.10.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.10.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.10.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.10.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.10.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.10.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:1.10.6:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.0.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.0.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.0.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.1.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.1.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.1.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.1.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.1.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.2.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.2.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.2.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.2.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.2.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.2.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.2.6:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.2.9:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.2.10:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.2.11:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.2.12:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongosh:2.2.15:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1756",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-27T16:02:07.276063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T16:06:31.860Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1756"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:mongodb:mongosh:0.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.3.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.5.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.5.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.7.7:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.8.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.8.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.8.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.9.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.10.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.10.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.11.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.12.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.12.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.13.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.14.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.15.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.15.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:0.15.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.1.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.1.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.1.6:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.1.7:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.1.8:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.1.9:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.3.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.5.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.5.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.5.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.5.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.7.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.7.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.8.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.8.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.90:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.91:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.10.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.10.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.10.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.10.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.10.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.10.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:1.10.6:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.1.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.1.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.2.10:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.2.11:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.2.12:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongosh:2.2.15:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "mongosh",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "2.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eOnly environments with Windows as the underlying operating system is affected by this issue\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "Only environments with Windows as the underlying operating system is affected by this issue"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "T. Do\u011fa Geli\u015fli"
}
],
"datePublic": "2025-02-27T13:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003emongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user\u0027s system with elevated privilege, when a crafted file is stored in C:\\node_modules\\. This issue affects mongosh prior to 2.3.0\u003c/p\u003e"
}
],
"value": "mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user\u0027s system with elevated privilege, when a crafted file is stored in C:\\node_modules\\. This issue affects mongosh prior to 2.3.0"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426: Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T15:28:11.633Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/MONGOSH-2028"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "MongoDB Shell may be susceptible to local privilege escalation in Windows",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2025-1756",
"datePublished": "2025-02-27T15:28:11.633Z",
"dateReserved": "2025-02-27T13:02:02.998Z",
"dateUpdated": "2025-02-27T16:06:31.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1755 (GCVE-0-2025-1755)
Vulnerability from cvelistv5 – Published: 2025-02-27 15:24 – Updated: 2025-02-27 16:07- CWE-426 - Untrusted Search Path
| URL | Tags |
|---|---|
| https://jira.mongodb.org/browse/COMPASS-9058 | |
| https://access.redhat.com/errata/RHSA-2025:1755.html | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| MongoDB Inc | MongoDB Compass |
Affected:
0 , < 1.42.1
(custom)
cpe:2.3:a:mongodb:compass:1.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.6:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.7:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.8:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.9:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.10:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.11:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.12:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.13:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.14:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.15:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.16:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.17:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.18:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.19:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.20:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.21:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.22:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.23:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.24.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.25.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.26.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.26.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.28.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.28.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.29.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.29.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.29.6:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.30.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.31.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.31.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.31.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.31.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.32.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.32.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.32.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.32.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.33.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.33.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.34.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.34.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.35.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.36.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.36.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.37.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.38.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.38.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.38.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.39.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.39.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.39.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.39.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.39.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.40.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.40.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.40.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.40.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.40.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.41.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:compass:1.42.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1755",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-27T16:07:15.336525Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T16:07:45.320Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1755.html"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:mongodb:compass:1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.6:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.7:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.8:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.9:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.10:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.11:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.12:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.13:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.14:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.15:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.16:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.17:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.18:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.19:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.20:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.21:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.22:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.23:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.24.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.25.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.26.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.26.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.28.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.28.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.29.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.29.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.29.6:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.30.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.31.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.31.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.31.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.31.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.32.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.32.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.32.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.32.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.33.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.33.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.34.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.34.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.35.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.36.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.36.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.37.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.38.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.38.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.38.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.39.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.39.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.39.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.39.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.39.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.40.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.40.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.40.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.40.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.40.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.41.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:compass:1.42.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "MongoDB Compass",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "1.42.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cp\u003eOnly environments with Windows as the underlying operating system is affected by this issue\u003c/p\u003e\u003c/div\u003e"
}
],
"value": "Only environments with Windows as the underlying operating system is affected by this issue"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "T. Do\u011fa Geli\u015fli"
}
],
"datePublic": "2025-02-27T13:08:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user\u0027s system with elevated privileges, when a crafted file is stored in C:\\node_modules\\. This issue affects MongoDB Compass prior to 1.42.1\u003c/p\u003e"
}
],
"value": "MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user\u0027s system with elevated privileges, when a crafted file is stored in C:\\node_modules\\. This issue affects MongoDB Compass prior to 1.42.1"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426: Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T15:24:07.174Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/COMPASS-9058"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "MongoDB Compass may be susceptible to local privilege escalation in Windows",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2025-1755",
"datePublished": "2025-02-27T15:24:07.174Z",
"dateReserved": "2025-02-27T13:02:01.480Z",
"dateUpdated": "2025-02-27T16:07:45.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1398 (GCVE-0-2025-1398)
Vulnerability from cvelistv5 – Published: 2025-03-17 14:19 – Updated: 2025-03-31 15:38- CWE-426 - Untrusted Search Path
| Vendor | Product | Version | |
|---|---|---|---|
| Mattermost | Mattermost |
Affected:
0 , ≤ 5.10.0
(semver)
Unaffected: 5.11.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1398",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-18T18:36:20.530898Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-18T18:38:37.183Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "Mattermost",
"vendor": "Mattermost",
"versions": [
{
"lessThanOrEqual": "5.10.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "5.11.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "nullevent"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMattermost Desktop App versions \u0026lt;=5.10.0 explicitly declared unnecessary macOS entitlements which allows an attacker with remote access to bypass Transparency, Consent, and Control (TCC) via code injection.\u003c/p\u003e"
}
],
"value": "Mattermost Desktop App versions \u003c=5.10.0 explicitly declared unnecessary macOS entitlements which allows an attacker with remote access to bypass Transparency, Consent, and Control (TCC) via code injection."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426: Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-31T15:38:58.774Z",
"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"shortName": "Mattermost"
},
"references": [
{
"url": "https://mattermost.com/security-updates"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUpdate Mattermost Desktop App to versions 5.11.0 or higher.\u003c/p\u003e"
}
],
"value": "Update Mattermost Desktop App to versions 5.11.0 or higher."
}
],
"source": {
"advisory": "MMSA-2024-00403",
"defect": [
"https://mattermost.atlassian.net/browse/MM-61724"
],
"discovery": "EXTERNAL"
},
"title": "macOS TCC Bypass via Code Injection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"assignerShortName": "Mattermost",
"cveId": "CVE-2025-1398",
"datePublished": "2025-03-17T14:19:51.718Z",
"dateReserved": "2025-02-17T15:58:13.659Z",
"dateUpdated": "2025-03-31T15:38:58.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1353 (GCVE-0-2025-1353)
Vulnerability from cvelistv5 – Published: 2025-02-16 15:00 – Updated: 2025-02-26 01:20 Disputed- CWE-426 - Untrusted Search Path
| URL | Tags |
|---|---|
| https://vuldb.com/?id.295961 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.295961 | signaturepermissions-required |
| https://vuldb.com/?submit.496010 | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1353",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-19T14:08:24.965656Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-19T14:08:31.345Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Insomnia",
"vendor": "Kong",
"versions": [
{
"status": "affected",
"version": "10.0"
},
{
"status": "affected",
"version": "10.1"
},
{
"status": "affected",
"version": "10.2"
},
{
"status": "affected",
"version": "10.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Fergod (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Kong Insomnia up to 10.3.0 and classified as critical. This issue affects some unknown processing in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The real existence of this vulnerability is still doubted at the moment. The vendor is not able to reproduce the issue."
},
{
"lang": "de",
"value": "Eine kritische Schwachstelle wurde in Kong Insomnia bis 10.3.0 gefunden. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion in der Bibliothek profapi.dll. Mittels Manipulieren mit unbekannten Daten kann eine untrusted search path-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Die Ausnutzbarkeit gilt als schwierig. Bisher konnte die Existenz der vermeintlichen Schwachstelle noch nicht eindeutig nachgewiesen werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6,
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T01:20:10.591Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-295961 | Kong Insomnia profapi.dll untrusted search path",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.295961"
},
{
"name": "VDB-295961 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.295961"
},
{
"name": "Submit #496010 | Kong Insomnia 10.3.0 Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.496010"
}
],
"tags": [
"disputed"
],
"timeline": [
{
"lang": "en",
"time": "2025-02-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-02-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-02-26T02:25:03.000Z",
"value": "VulDB entry last update"
}
],
"title": "Kong Insomnia profapi.dll untrusted search path"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-1353",
"datePublished": "2025-02-16T15:00:12.621Z",
"dateReserved": "2025-02-15T15:19:23.040Z",
"dateUpdated": "2025-02-26T01:20:10.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Strategy: Attack Surface Reduction
Hard-code the search path to a set of known-safe values (such as system directories), or only allow them to be specified by the administrator in a configuration file. Do not allow these settings to be modified by an external party. Be careful to avoid related weaknesses such as CWE-426 and CWE-428.
Mitigation
When invoking other programs, specify those programs using fully-qualified pathnames. While this is an effective approach, code that uses fully-qualified pathnames might not be portable to other systems that do not use the same pathnames. The portability can be improved by locating the full-qualified paths in a centralized, easily-modifiable location within the source code, and having the code refer to these paths.
Mitigation
Remove or restrict all environment settings before invoking other programs. This includes the PATH environment variable, LD_LIBRARY_PATH, and other settings that identify the location of code libraries, and any application-specific search paths.
Mitigation
Check your search path before use and remove any elements that are likely to be unsafe, such as the current working directory or a temporary files directory.
Mitigation
Use other functions that require explicit paths. Making use of any of the other readily available functions that require explicit paths is a safe way to avoid this problem. For example, system() in C does not require a full path since the shell can take care of it, while execl() and execv() require a full path.
CAPEC-38: Leveraging/Manipulating Configuration File Search Paths
This pattern of attack sees an adversary load a malicious resource into a program's standard path so that when a known command is executed then the system instead executes the malicious component. The adversary can either modify the search path a program uses, like a PATH variable or classpath, or they can manipulate resources on the path to point to their malicious components. J2EE applications and other component based applications that are built from multiple binaries can have very long list of dependencies to execute. If one of these libraries and/or references is controllable by the attacker then application controls can be circumvented by the attacker.