CVE-2025-0131

Description

An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local user also successfully exploits a race condition, which makes this vulnerability difficult to exploit.

References

CVE-2025-0131

https://www.opswat.com/products/metadefender/endpoint-security-sdk

Severity

CVSS-BT: 4.0

CVSS-B: 7.1

Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/E:U/AU:N/R:U/V:D/U:Amber

Weakness Enumeration

CWE-266: Incorrect Privilege Assignment

CAPEC-233 Privilege Escalation

Known Software Configurations

MetaDefender Endpoint Security SDK version up-to (by excluding) 4.3.4451.0 (published January 21st, 2025).

Discoverer

https://security.paloaltonetworks.com/CVE-2025-0131

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
  Last updated by Morrissey on May 15, 2025
On This Page
CVE-2025-0131DescriptionReferencesSeverityWeakness EnumerationKnown Software ConfigurationsDiscoverer