CVE-2025-26396 (GCVE-0-2025-26396)

Vulnerability from cvelistv5 – Published: 2025-06-02 13:04 – Updated: 2025-06-04 03:55
VLAI?
Title
SolarWinds Dameware Mini Remote Control Service Incorrect Permissions Local Privilege Escalation Vulnerability
Summary
The SolarWinds Dameware Mini Remote Control was determined to be affected by Incorrect Permissions Local Privilege Escalation Vulnerability. This vulnerability requires local access and a valid low privilege account to be susceptible to this vulnerability.
Severity ?
7.8 (High)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
SolarWinds Dameware Mini Remote Control Service Affected: 12.3.1.20 and prior versions
Create a notification for this product.
Credits
Alexander Pudwill working with Trend Zero Day Initiative
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-26396",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-03T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-04T03:55:59.248Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Dameware Mini Remote Control Service",
          "vendor": "SolarWinds",
          "versions": [
            {
              "status": "affected",
              "version": "12.3.1.20 and prior versions"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Alexander Pudwill working with Trend Zero Day Initiative"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cbr\u003e\n\n\n\n\n\nThe SolarWinds Dameware Mini Remote Control was determined to be affected by Incorrect Permissions Local Privilege Escalation Vulnerability. This vulnerability requires local access and a valid low privilege account to be susceptible to this vulnerability.  \u0026nbsp; \u003cbr\u003e\n\n\n\n\n\n\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "The SolarWinds Dameware Mini Remote Control was determined to be affected by Incorrect Permissions Local Privilege Escalation Vulnerability. This vulnerability requires local access and a valid low privilege account to be susceptible to this vulnerability."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233: Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-03T14:03:36.346Z",
        "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "shortName": "SolarWinds"
      },
      "references": [
        {
          "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-26396"
        },
        {
          "url": "https://documentation.solarwinds.com/en/success_center/dameware/content/release_notes/dameware_12-3-2_release_notes.htm"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cbr\u003eSolarWinds recommends that customers upgrade to SolarWinds Dameware Mini Remote Control\u0026nbsp;12.3.2 as soon as it becomes available.\u003cbr\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "SolarWinds recommends that customers upgrade to SolarWinds Dameware Mini Remote Control\u00a012.3.2 as soon as it becomes available."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "SolarWinds Dameware Mini Remote Control Service Incorrect Permissions Local Privilege Escalation Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
    "assignerShortName": "SolarWinds",
    "cveId": "CVE-2025-26396",
    "datePublished": "2025-06-02T13:04:19.648Z",
    "dateReserved": "2025-02-08T00:19:09.395Z",
    "dateUpdated": "2025-06-04T03:55:59.248Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-26396\",\"sourceIdentifier\":\"psirt@solarwinds.com\",\"published\":\"2025-06-02T13:15:21.367\",\"lastModified\":\"2025-06-02T17:32:17.397\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The SolarWinds Dameware Mini Remote Control was determined to be affected by Incorrect Permissions Local Privilege Escalation Vulnerability. This vulnerability requires local access and a valid low privilege account to be susceptible to this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Se determin\u00f3 que SolarWinds Dameware Mini Remote Control est\u00e1 afectado por la vulnerabilidad de escalada de privilegios locales con permisos incorrectos. Esta vulnerabilidad requiere acceso local y una cuenta v\u00e1lida con pocos privilegios para ser susceptible a ella.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@solarwinds.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@solarwinds.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"references\":[{\"url\":\"https://documentation.solarwinds.com/en/success_center/dameware/content/release_notes/dameware_12-3-2_release_notes.htm\",\"source\":\"psirt@solarwinds.com\"},{\"url\":\"https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-26396\",\"source\":\"psirt@solarwinds.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-26396\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-02T13:36:22.952922Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-02T13:36:28.421Z\"}}], \"cna\": {\"title\": \"SolarWinds Dameware Mini Remote Control Service Incorrect Permissions Local Privilege Escalation Vulnerability\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Alexander Pudwill working with Trend Zero Day Initiative\"}], \"impacts\": [{\"capecId\": \"CAPEC-233\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-233: Privilege Escalation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"SolarWinds\", \"product\": \"Dameware Mini Remote Control Service\", \"versions\": [{\"status\": \"affected\", \"version\": \"12.3.1.20 and prior versions\"}], \"defaultStatus\": \"affected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"SolarWinds recommends that customers upgrade to SolarWinds Dameware Mini Remote Control\\u00a012.3.2 as soon as it becomes available.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cbr\u003eSolarWinds recommends that customers upgrade to SolarWinds Dameware Mini Remote Control\u0026nbsp;12.3.2 as soon as it becomes available.\u003cbr\u003e\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-26396\"}, {\"url\": \"https://documentation.solarwinds.com/en/success_center/dameware/content/release_notes/dameware_12-3-2_release_notes.htm\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The SolarWinds Dameware Mini Remote Control was determined to be affected by Incorrect Permissions Local Privilege Escalation Vulnerability. This vulnerability requires local access and a valid low privilege account to be susceptible to this vulnerability.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cbr\u003e\\n\\n\\n\\n\\n\\nThe SolarWinds Dameware Mini Remote Control was determined to be affected by Incorrect Permissions Local Privilege Escalation Vulnerability. This vulnerability requires local access and a valid low privilege account to be susceptible to this vulnerability.  \u0026nbsp; \u003cbr\u003e\\n\\n\\n\\n\\n\\n\u003cp\u003e\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"CWE-269 Improper Privilege Management\"}]}], \"providerMetadata\": {\"orgId\": \"49f11609-934d-4621-84e6-e02e032104d6\", \"shortName\": \"SolarWinds\", \"dateUpdated\": \"2025-06-03T14:03:36.346Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-26396\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-04T03:55:59.248Z\", \"dateReserved\": \"2025-02-08T00:19:09.395Z\", \"assignerOrgId\": \"49f11609-934d-4621-84e6-e02e032104d6\", \"datePublished\": \"2025-06-02T13:04:19.648Z\", \"assignerShortName\": \"SolarWinds\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.