CVE-2025-57625

Published: Sep 16, 2025Modified: Sep 17, 2025

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

CYRISMA Sensor before 444 for Windows has an Insecure Folder and File Permissions vulnerability. A low-privileged user can abuse these issues to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM by replacing DataSpotliteAgent.exe or any other binaries called by the Cyrisma_Agent service when it starts

Related CWEs

CWE-276

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (3)

https://msry1.gitbook.io/thegoldenrecord/blog/vulnerability-and-bug-disclosures/cyrsma-sensor-version-less-than-2.5

Source: cve@mitre.org

https://youtu.be/2DScqXPtrWw

Source: cve@mitre.org

https://msry1.gitbook.io/thegoldenrecord/blog/vulnerability-and-bug-disclosures/cyrsma-sensor-version-less-than-2.5

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Timeline

No history available yet.