CVE-2025-37735

🗓️ 06 Nov 2025 14:27:26Reported by elasticType

CVE-2025-37735: Elastic Defend on Windows may delete arbitrary files via SYSTEM, risking local privilege escalation.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2025-37735	6 Nov 202514:27	–	attackerkb
Circl	CVE-2025-37735	11 Nov 202515:33	–	circl
CNNVD	Elastic Defend 安全漏洞	6 Nov 202500:00	–	cnnvd
Cvelist	CVE-2025-37735	6 Nov 202514:27	–	cvelist
Elastic	Elastic Defend 8.19.6, 9.1.6, and 9.2.0 Security Update (ESA-2025-23)	6 Nov 202514:25	–	elastic
EUVD	EUVD-2025-37984	6 Nov 202515:31	–	euvd
NVD	CVE-2025-37735	6 Nov 202515:15	–	nvd
Positive Technologies	PT-2025-45184	6 Nov 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-37735	7 Nov 202514:51	–	redhatcve
The Hacker News	⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More	10 Nov 202512:51	–	thn

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "Kibana",
    "vendor": "Elastic",
    "versions": [
      {
        "lessThanOrEqual": "8.19.5",
        "status": "affected",
        "version": "8.0.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "9.1.5",
        "status": "affected",
        "version": "9.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
discuss	www.discuss.elastic.co/t/elastic-defend-8-19-6-9-1-6-and-9-2-0-security-update-esa-2025-23/383272

15 Apr 2026 00:35Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.17

EPSS0.00012

SSVC

CWE-281