CVE-2025-61156

Published: Oct 29, 2025Modified: Oct 30, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Incorrect access control in the kernel driver of ThreatFire System Monitor v4.7.0.53 allows attackers to escalate privileges and execute arbitrary commands via an insecure IOCTL.

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (3)

https://github.com/D7EAD

Source: cve@mitre.org

https://github.com/D7EAD/CVE-2025-61156

Source: cve@mitre.org

https://threatfire.informer.com/download/

Source: cve@mitre.org

Timeline

No history available yet.