EUVD-2025-204000

An issue was discovered in DriveLock 24.1 through 24.1., 24.2 before 24.2.8, and 25.1 before 25.1.6. Directories and files created by the agent are created with overly permissive ACLs, allowing local users without administrator rights to trigger actions or destabilize the agent...

DriveLock 安全漏洞

DriveLock is an endpoint security and data protection platform from DriveLock Germany. A security vulnerability exists in DriveLock versions prior to 24.1.6, 24.2.7, and 25.1.5, which stems from an authenticated user being able to retrieve the number of computers of other tenants via the DriveLoc...

CVE-2025-67794

CVE-2025-67794 affects DriveLock agents (versions 24.1–24.1.*, 24.2 before 24.2.8, and 25.1 before 25.1.6). The root cause is overly permissive ACLs on directories and files created by the agent, enabling local users without administrator rights to trigger actions or destabilize the agent. Multip...

DriveLock 安全漏洞

DriveLock is an endpoint security and data protection platform from DriveLock Germany. A security vulnerability exists in DriveLock versions prior to 24.1.6, 24.2.7, and 25.1.5, which stems from a local unprivileged user being able to manipulate a privileged process, potentially leading to...