Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedhatCVE
RedhatCVEadded 2025/09/26 2:48 p.m.0 views

CVE-2025-10541

iMonitor EAM 9.6394 installs a system service eamusbsrv64.exe that runs with NT AUTHORITY\SYSTEM privileges. This service includes an insecure update mechanism that automatically loads files placed in the C:\sysupdate\ directory during startup. Because any local user can create and write to this...

7.8CVSS6.8AI score0.00018EPSS
Exploits0References1
NVD
NVDadded 2025/09/25 3:16 p.m.1 views

CVE-2025-10541

iMonitor EAM 9.6394 installs a system service eamusbsrv64.exe that runs with NT AUTHORITY\SYSTEM privileges. This service includes an insecure update mechanism that automatically loads files placed in the C:\sysupdate\ directory during startup. Because any local user can create and write to this...

7.8CVSS0.00018EPSS
Exploits0References3
CVE
CVEadded 2025/09/25 2:35 p.m.6 views

CVE-2025-10542

CVE-2025-10542 affects iMonitor EAM 9.6394. The root cause is default administrative credentials exposed in the management client’s dialog, enabling remote authentication to the EAM server. Successful exploitation allows full control over monitored agents and data, including access to highly sens...

9.8CVSS6.8AI score0.00196EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/09/25 2:35 p.m.1 views

CVE-2025-10542 Insecure Default Admin Credentials Enable Full Administrative Access in iMonitor EAM

iMonitor EAM 9.6394 ships with default administrative credentials that are also displayed within the management client’s connection dialog. If the administrator does not change these defaults, a remote attacker can authenticate to the EAM server and gain full control over monitored agents and dat...

6.8AI score0.00196EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/09/25 2:31 p.m.5 views

CVE-2025-10541 Local Privilege Escalation via Insecure Update Mechanism in iMonitor EAM

iMonitor EAM 9.6394 installs a system service eamusbsrv64.exe that runs with NT AUTHORITY\SYSTEM privileges. This service includes an insecure update mechanism that automatically loads files placed in the C:\sysupdate\ directory during startup. Because any local user can create and write to this...

0.00018EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/09/25 2:5 p.m.2 views

CVE-2025-10540 Unencrypted and Unauthenticated Communication Allows Data Exposure and Manipulation in iMonitor EAM

iMonitor EAM 9.6394 transmits communication between the EAM client agent and the EAM server, as well as between the EAM monitor management software and the server, in plaintext without authentication or encryption. An attacker with network access can intercept sensitive information such as...

6.7AI score0.00018EPSS
Exploits0References1
Rows per page
Query Builder