CVE-2025-37735
Unknown
Unknown - Not Provided
BaseFortify
Description
Description
Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| elastic | defend | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-281 | The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves improper preservation of permissions in Elastic Defend on Windows hosts, which allows the Defend service running with SYSTEM privileges to delete arbitrary files on the system. This flaw can potentially be exploited to escalate local privileges.
How can this vulnerability impact me? :
The vulnerability can lead to arbitrary file deletion by a high-privilege service, which may cause system instability, data loss, or unauthorized modification of system files. Additionally, it can be exploited to escalate local privileges, increasing the risk of further system compromise.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70