{"vulnerability": "cve-2025-40672", "sightings": [{"uuid": "6db8cd34-1648-436f-97ce-2c12649b9f5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40672", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17541", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40672\n\ud83d\udd25 CVSS Score: 8.5 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A Privilege Escalation vulnerability has been found in ProactivaNet v3.24.0.0 from Grupo Espiral MS. This vulnerability allows any user to override the file panLoad.exe that will be executed by SYSTEM user via a programmed task. \nThis would allow an attacker to obtain administrator permissions to \nperform whatever activities he/she wants, shuch as accessing sensitive \ninformation, executing code remotely, and even causing a denial of \nservice (DoS).\n\ud83d\udccf Published: 2025-05-26T09:05:40.862Z\n\ud83d\udccf Modified: 2025-05-26T09:05:40.862Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/privilege-escalation-proactivanet-espiral-ms-group", "creation_timestamp": "2025-05-26T09:49:10.000000Z"}, {"uuid": "452158c1-ff3e-420b-92e9-71e569c429d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40672", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq5e73kthem2", "content": "", "creation_timestamp": "2025-05-27T09:18:06.135481Z"}]}