28 matches found
CVE-2025-37735
Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation...
EUVD-2025-37984
Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation...
CVE-2025-37735
Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation...
CVE-2025-37735
CVE-2025-37735 affects Elastic Defend on Windows. The issue is improper preservation of permissions in the Defend service (running as SYSTEM), which can lead to arbitrary file deletions and in some cases local privilege escalation. Affected versions include up to 8.19.5 and 9.0.0–9.1.5; fixed in ...
CVE-2025-37735
Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation...
CVE-2025-37735
Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation...
CVE-2025-37735
Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation...
Elastic Defend 8.19.6, 9.1.6, and 9.2.0 Security Update (ESA-2025-23)
Elastic Defend Improper Preservation of Permissions (ESA-2025-23): Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation...
Elastic Defend Security Vulnerability
Elastic Defend is an application from the Dutch company Elastic. It provides prevention, detection and response capabilities, as well as deep visibility into EPP, EDR, SIEM and security analytics. A security vulnerability exists in Elastic Defend that stems from improperly saved permissions on a...
PT-2025-45184
Name of the Vulnerable Software and Affected Versions: Elastic Defend (affected versions not specified). Description: An issue exists in Elastic Defend on Windows hosts where improper preservation of permissions can allow the Defend service, running as SYSTEM, to delete arbitrary files on the system...
EUVD-2025-14853
Malicious code in bioql PyPI...
EUVD-2024-36693
Malicious code in bioql PyPI...
Elastic Response to Blog ‘EDR 0-Day Vulnerability’
Updated: August 29, 2025. Elastic has been directly engaging with the independent researcher. After evaluating additional information provided by the researcher, our original assessment still stands. To confirm we are responsibly assessing this report and providing an unbiased perspective, we are...
CVE-2024-37284
Improper handling of alternate encoding occurs when Elastic Defend on Windows systems attempts to scan a file or process encoded as a multibyte character. This leads to an uncaught exception causing Elastic Defend to crash which in turn will prevent it from quarantining the file and/or killing th...
CVE-2025-25013
Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack...
CVE-2025-25013
Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack...
CVE-2025-25013
CVE-2025-25013 affects Elastic Defend; the issue is improper restriction of environment variables, causing exposure of sensitive data (e.g., API keys/tokens) via unfiltered env vars transmitted to the stack. Reported CVSSv3.1: 6.5 (Medium), with network attack vector, low attack complexity, low p...
CVE-2025-25013 Elastic Defend Insertion of Sensitive Information into Log Files
Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack...
CVE-2025-25013 Elastic Defend Insertion of Sensitive Information into Log Files
Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack...
Elastic Defend 8.17.3 Security Update (ESA-2025-05)
Elastic Defend Insertion of Sensitive Information into Log Files (ESA-2025-05): Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack. This...