CVE-2025-52094
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-22
Last updated on: 2025-08-26
Assigner: MITRE
Description
Description
Insecure Permissions vulnerability in PDQ Smart Deploy V.3.0.2040 allows a local attacker to execute arbtirary code via the \HKLM\SYSTEM\Setup\SmartDeploy component
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| pdq | smartdeploy | 3.0.2040 |
| pdq | smartdeploy | 3.0.2046 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-732 | The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Insecure Permissions issue in PDQ Smart Deploy version 3.0.2040 that allows a local attacker to execute arbitrary code by exploiting the \HKLM\SYSTEM\Setup\SmartDeploy component.
How can this vulnerability impact me? :
An attacker with local access could exploit this vulnerability to run arbitrary code on the affected system, potentially leading to unauthorized actions, system compromise, or data loss.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70