2 matches found
CVE-2025-69783
CVE-2025-69783 concerns OpenEDR’s 2.5.1.0 self-defense mechanism. A local attacker can rename a malicious executable to a trusted process name (for example, csrss.exe, edrsvc.exe, edrcon.exe), enabling unauthorized interaction with the OpenEDR kernel driver. This exposes privileged functionality ...
CVE-2025-69784
CVE-2025-69784 describes a local, non-privileged attacker abusing a vulnerable IOCTL interface in the OpenEDR 2.5.1.0 kernel driver to alter the DLL injection path. By redirecting the path to a user-writable location, the attacker can cause OpenEDR to load an attacker-controlled DLL into high-pri...