MongoDB BI Connector ODBC driver installation via MSI may leave ACLs unset on custom installation directories

Incorrect Default Permissions vulnerability in MongoDB BI Connector ODBC driver allows Privilege Escalation.This issue affects BI Connector ODBC driver: from 1.0.0 through 1.4.6...

CVE-2025-11575

CVE-2025-11575 affects MongoDB Atlas SQL ODBC driver for Windows, with an Incorrect Default Permissions issue that could allow Privilege Escalation. Affected versions are 1.0.0 through 2.0.0. The documents do not provide explicit exploitation details or a published fix/remediation; additional spe...

CVE-2025-11535

CVE-2025-11535 affects MongoDB Connector for BI (Windows MSI installs) and is caused by ACLs not being set on custom installation directories, enabling local privilege escalation. Affected versions: 2.0.0–2.14.24. Reported by multiple sources (Red Hat, NVD, CNNVD, etc.). Impact is described as hi...