CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2025/11/27 1:55 a.m.•6 views

CVE-2025-66265

CMService.exe creates the C:\\usr directory and subdirectories with insecure permissions, granting write access to all authenticated users. This allows attackers to replace configuration files such as snmp.conf or hijack DLLs to escalate privileges...

6.9CVSS7AI score0.00017EPSS

Exploits0References1

NVD•added 2025/11/26 1:16 a.m.•3 views

CVE-2025-66265

CMService.exe creates the C:\usr directory and subdirectories with insecure permissions, granting write access to all authenticated users. This allows attackers to replace configuration files such as snmp.conf or hijack DLLs to escalate privileges...

6.9CVSS0.00017EPSS

Exploits0References1

CVE•added 2025/11/26 1:9 a.m.•7 views

CVE-2025-66264

CVE-2025-66264 describes an unquoted service path in the CMService.exe service that runs with SYSTEM privileges, enabling a local attacker who has filesystem write access to place a malicious executable in the path and escalate privileges. The issue affects the UPSilon2000V6.0-related service as ...

7.2CVSS6.3AI score0.00018EPSS

Exploits0References1

Vulnrichment•added 2025/11/26 1:9 a.m.•2 views

CVE-2025-66264 Unquoted Service path in UPSilon2000V6.0 SYSTEM privilege service

The CMService.exe service runs with SYSTEM privileges and contains an unquoted service path. This allows a local attacker with write privileges to the filesystem to insert a malicious executable in the path, leading to privilege escalation...

7.2CVSS6.3AI score0.00018EPSS

Exploits0References1