CVE-2025-43922

Published: Apr 21, 2025Modified: Apr 23, 2025

8.1

Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Exploitability: 1.4 / Impact: 6.0

Source: MITRE (Secondary)

Description

The FileWave Windows client before 16.0.0, in some non-default configurations, allows an unprivileged local user to escalate privileges to SYSTEM.

Related CWEs

Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (1)

https://kb.filewave.com/books/downloads/page/filewave-version-1603

Source: cve@mitre.org

Timeline

No history available yet.