PT-2025-31359 · Microsoft · Windows

🗓️ 29 Jul 2025 00:00:00Reported by Positive TechnologiesType

ptsecurity

ptsecurity🔗 dbugs.ptsecurity.com👁 2 Views

An uncontrolled search path vulnerability can lead to local privilege escalation due to insecure permissions

Reporter	Title	Published	Views	Family All 8
CNNVD	Elastic 安全漏洞	30 Jul 202500:00	–	cnnvd
CVE	CVE-2025-0712	30 Jul 202500:12	–	cve
Cvelist	CVE-2025-0712 APM Server Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when using the Windows Installer	30 Jul 202500:12	–	cvelist
Elastic	APM Server (Windows Installer) 8.16.3, 8.17.1 Security Update (ESA-2025-01)	29 Jul 202523:30	–	elastic
EUVD	EUVD-2025-23061	3 Oct 202520:07	–	euvd
NVD	CVE-2025-0712	30 Jul 202501:15	–	nvd
RedhatCVE	CVE-2025-0712	1 Aug 202501:16	–	redhatcve
Vulnrichment	CVE-2025-0712 APM Server Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when using the Windows Installer	30 Jul 202500:12	–	vulnrichment

Source	Link
bdu	www.bdu.fstec.ru/vul/2025-09240
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-0712
twitter	www.twitter.com/rewterz/status/1950807808577843253
twitter	www.twitter.com/CVEnew/status/1950365030374924670
discuss	www.discuss.elastic.co/t/beats-windows-installer-9-1-0-security-update-esa-2025-12/380558
twitter	www.twitter.com/CCBalert/status/1950564702347526558
t	www.t.me/CVEtracker/28721

31 Jul 2025 00:00Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.17

EPSS0.00044

SSVC

local privilege escalation insecure directory permissions system privileges directory permissions vulnerability