CVE-2025-10475
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-15

Last updated on: 2026-04-29

Assigner: VulDB

Description
A weakness has been identified in SpyShelter up to 15.4.0.1015. Affected is an unknown function in the library SpyShelter.sys of the component IOCTL Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit has been made available to the public and could be exploited. Upgrading to version 15.4.0.1028 is able to address this issue. It is advisable to upgrade the affected component.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-15
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-09-15
EPSS Evaluated
2026-06-15
NVD
CVE-2025-10475
EUVD
EUVD-2025-29239
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
spyshelter spyshelter 15.4.0.1015
spyshelter spyshelter 15.4.0.1028
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-404 The product does not release or incorrectly releases a resource before it is made available for re-use.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-10475 is a local vulnerability in the SpyShelter.sys driver where a low-privilege user can exploit missing access control in the driver's IOCTL handler. This allows the attacker to send specially crafted IOCTL requests that forcibly terminate high-privilege or system processes, causing a denial of service by disrupting critical services or applications. [1, 2, 3]

Impact Analysis

This vulnerability can impact you by allowing a local low-privilege user to terminate important system or administrative processes, leading to denial of service. This disruption can affect system availability and stability, potentially interrupting critical operations or services running on the affected system. [1, 2, 3]

Detection Guidance

This vulnerability is a local privilege escalation and denial of service issue in the SpyShelter.sys driver caused by sending specially crafted IOCTL requests. Detection involves identifying attempts to send unauthorized IOCTL commands to the SpyShelter.sys driver. While no specific detection commands are provided, monitoring for unusual IOCTL requests or process terminations initiated by low-privilege users could help. The SpyShelter software includes a command line tool 'sps monitor' for real-time resource monitoring, which might assist in detecting abnormal behavior related to this vulnerability. [1, 4]

Mitigation Strategies

The immediate mitigation step is to upgrade SpyShelter to version 15.4.0.1028 or later, which addresses and eliminates this vulnerability. Since the attack requires local access, restricting local user privileges and monitoring for suspicious IOCTL activity can also help reduce risk until the upgrade is applied. [3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-10475. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart