CVE-2025-45737

Published: Jun 27, 2025Modified: Oct 15, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Exploitability: 3.9 / Impact: 2.5

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An issue in NetEase (Hangzhou) Network Co., Ltd NeacSafe64 Driver before v1.0.0.8 allows attackers to escalate privileges via sending crafted IOCTL commands to the NeacSafe64.sys component.

Affected (1)

Products: Netease: Neacsafe64

Netease

1 product

Neacsafe64

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Netease Neacsafe64	Before 1.0.0.8

Related CWEs

CWE-269

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (1)

https://github.com/za233/NeacController

Source: cve@mitre.org

Exploit

Timeline

No history available yet.