CVE-2025-0712
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-07-30

Last updated on: 2025-07-31

Assigner: Elastic

Description
An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-30
Last Modified
2025-07-31
Generated
2026-05-27
AI Q&A
2025-07-30
EPSS Evaluated
2026-05-25
NVD
CVE-2025-0712
EUVD
EUVD-2025-23061
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-427 The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an uncontrolled search path element issue caused by insecure directory permissions. It allows an attacker with local access to exploit improper handling of directory permissions to move and delete arbitrary files. This can lead to local privilege escalation, potentially allowing the attacker to gain SYSTEM-level privileges.


How can this vulnerability impact me? :

If exploited, this vulnerability can allow an attacker with local access to escalate their privileges to SYSTEM level. This means the attacker could gain full control over the affected system, including the ability to modify or delete critical files, install malicious software, and compromise system integrity and confidentiality.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart