CVE-2025-23385 (GCVE-0-2025-23385)
Vulnerability from cvelistv5 – Published: 2025-01-28 16:01 – Updated: 2025-01-28 16:26
VLAI?
Summary
In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible
Severity ?
7.8 (High)
CWE
- CWE-114 - Process Control
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| JetBrains | ReSharper |
Affected:
2024.3 , < 2024.3.4
(semver)
Affected: 2024.2 , < 2024.2.8 (semver) Affected: 0 , < 2024.1.7 (semver) |
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-23385",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T16:25:22.095430Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T16:26:10.127Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ReSharper",
"vendor": "JetBrains",
"versions": [
{
"lessThan": "2024.3.4",
"status": "affected",
"version": "2024.3",
"versionType": "semver"
},
{
"lessThan": "2024.2.8",
"status": "affected",
"version": "2024.2",
"versionType": "semver"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Rider",
"vendor": "JetBrains",
"versions": [
{
"lessThan": "2024.3.4",
"status": "affected",
"version": "2024.3",
"versionType": "semver"
},
{
"lessThan": "2024.2.8",
"status": "affected",
"version": "2024.2",
"versionType": "semver"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "dotTrace",
"vendor": "JetBrains",
"versions": [
{
"lessThan": "2024.3.4",
"status": "affected",
"version": "2024.3",
"versionType": "semver"
},
{
"lessThan": "2024.2.8",
"status": "affected",
"version": "2024.2",
"versionType": "semver"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ETW Host Service",
"vendor": "JetBrains",
"versions": [
{
"lessThan": "16.43",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-114",
"description": "CWE-114: Process Control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T16:01:55.084Z",
"orgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
"shortName": "JetBrains"
},
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
"assignerShortName": "JetBrains",
"cveId": "CVE-2025-23385",
"datePublished": "2025-01-28T16:01:55.084Z",
"dateReserved": "2025-01-15T11:51:10.292Z",
"dateUpdated": "2025-01-28T16:26:10.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-23385\",\"sourceIdentifier\":\"cve@jetbrains.com\",\"published\":\"2025-01-28T16:15:41.377\",\"lastModified\":\"2025-01-28T16:15:41.377\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible\"},{\"lang\":\"es\",\"value\":\"En JetBrains ReSharper antes de 2024.3.4, 2024.2.8 y 2024.1.7, Rider antes de 2024.3.4, 2024.2.8 y 2024.1.7, dotTrace antes de 2024.3.4, 2024.2.8 y 2024.1.7, ETW Host Service antes de 16.43, era posible la escalada de privilegios locales a trav\u00e9s del servicio de host ETW.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@jetbrains.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.1,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"cve@jetbrains.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-114\"}]}],\"references\":[{\"url\":\"https://www.jetbrains.com/privacy-security/issues-fixed/\",\"source\":\"cve@jetbrains.com\"}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"547ada31-17d8-4964-bc5f-1b8238ba8014\", \"shortName\": \"JetBrains\", \"dateUpdated\": \"2025-01-28T16:01:55.084Z\"}, \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-114: Process Control\", \"cweId\": \"CWE-114\"}]}], \"affected\": [{\"vendor\": \"JetBrains\", \"product\": \"ReSharper\", \"versions\": [{\"version\": \"2024.3\", \"status\": \"affected\", \"lessThan\": \"2024.3.4\", \"versionType\": \"semver\"}, {\"version\": \"2024.2\", \"status\": \"affected\", \"lessThan\": \"2024.2.8\", \"versionType\": \"semver\"}, {\"version\": \"0\", \"status\": \"affected\", \"lessThan\": \"2024.1.7\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"JetBrains\", \"product\": \"Rider\", \"versions\": [{\"version\": \"2024.3\", \"status\": \"affected\", \"lessThan\": \"2024.3.4\", \"versionType\": \"semver\"}, {\"version\": \"2024.2\", \"status\": \"affected\", \"lessThan\": \"2024.2.8\", \"versionType\": \"semver\"}, {\"version\": \"0\", \"status\": \"affected\", \"lessThan\": \"2024.1.7\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"JetBrains\", \"product\": \"dotTrace\", \"versions\": [{\"version\": \"2024.3\", \"status\": \"affected\", \"lessThan\": \"2024.3.4\", \"versionType\": \"semver\"}, {\"version\": \"2024.2\", \"status\": \"affected\", \"lessThan\": \"2024.2.8\", \"versionType\": \"semver\"}, {\"version\": \"0\", \"status\": \"affected\", \"lessThan\": \"2024.1.7\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"JetBrains\", \"product\": \"ETW Host Service\", \"versions\": [{\"version\": \"0\", \"status\": \"affected\", \"lessThan\": \"16.43\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible\"}], \"references\": [{\"url\": \"https://www.jetbrains.com/privacy-security/issues-fixed/\"}], \"metrics\": [{\"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}], \"cvssV3_1\": {\"version\": \"3.1\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H\"}}]}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-23385\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-28T16:25:22.095430Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-28T16:25:00.978Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2025-23385\", \"assignerOrgId\": \"547ada31-17d8-4964-bc5f-1b8238ba8014\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"JetBrains\", \"dateReserved\": \"2025-01-15T11:51:10.292Z\", \"datePublished\": \"2025-01-28T16:01:55.084Z\", \"dateUpdated\": \"2025-01-28T16:26:10.127Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…