{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-0712", "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "state": "PUBLISHED", "assignerShortName": "elastic", "dateReserved": "2025-01-24T11:35:22.838Z", "datePublished": "2025-07-30T00:12:43.639Z", "dateUpdated": "2025-07-30T14:06:16.977Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "APM Server", "vendor": "Elastic", "versions": [{"lessThanOrEqual": "8.16.2", "status": "affected", "version": "8.16", "versionType": "semver"}, {"lessThanOrEqual": "8.17.0", "status": "affected", "version": "8.17", "versionType": "semver"}]}], "datePublic": "2025-07-30T00:05:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<b><span style=\"background-color: transparent;\">An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.</span></b><br>"}], "value": "An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-427", "description": "CWE-427 Uncontrolled Search Path Element", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "shortName": "elastic", "dateUpdated": "2025-07-30T00:12:43.639Z"}, "references": [{"url": "https://discuss.elastic.co/t/beats-windows-installer-9-1-0-security-update-esa-2025-12/380558"}], "source": {"discovery": "UNKNOWN"}, "title": "APM Server Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when using the Windows Installer", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-30T14:05:34.662092Z", "id": "CVE-2025-0712", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-30T14:06:16.977Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-0712", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-07-30T14:05:34.662092Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-30T14:06:07.001Z"}}], "cna": {"title": "APM Server Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when using the Windows Installer", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Elastic", "product": "APM Server", "versions": [{"status": "affected", "version": "8.16", "versionType": "semver", "lessThanOrEqual": "8.16.2"}, {"status": "affected", "version": "8.17", "versionType": "semver", "lessThanOrEqual": "8.17.0"}], "defaultStatus": "unaffected"}], "datePublic": "2025-07-30T00:05:00.000Z", "references": [{"url": "https://discuss.elastic.co/t/beats-windows-installer-9-1-0-security-update-esa-2025-12/380558"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.", "supportingMedia": [{"type": "text/html", "value": "<b><span style=\"background-color: transparent;\">An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.</span></b><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-427", "description": "CWE-427 Uncontrolled Search Path Element"}]}], "providerMetadata": {"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "shortName": "elastic", "dateUpdated": "2025-07-30T00:12:43.639Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0712", "state": "PUBLISHED", "dateUpdated": "2025-07-30T14:06:16.977Z", "dateReserved": "2025-01-24T11:35:22.838Z", "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "datePublished": "2025-07-30T00:12:43.639Z", "assignerShortName": "elastic"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges."}, {"lang": "es", "value": "Una vulnerabilidad en un elemento de ruta de b\u00fasqueda no controlada puede provocar una escalada de privilegios locales (LPE) mediante permisos de directorio inseguros. Esta vulnerabilidad surge de la gesti\u00f3n incorrecta de los permisos de directorio. Un atacante con acceso local podr\u00eda explotar esta vulnerabilidad para mover y eliminar archivos arbitrarios, obteniendo as\u00ed privilegios de SYSTEM."}], "id": "CVE-2025-0712", "lastModified": "2025-07-31T18:42:37.870", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "bressers@elastic.co", "type": "Secondary"}]}, "published": "2025-07-30T01:15:24.513", "references": [{"source": "bressers@elastic.co", "url": "https://discuss.elastic.co/t/beats-windows-installer-9-1-0-security-update-esa-2025-12/380558"}], "sourceIdentifier": "bressers@elastic.co", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "bressers@elastic.co", "type": "Secondary"}]}

{}

{"created": "2025-07-30T10:14:01.042053+00:00", "updated": "2025-07-30T10:14:01.042118+00:00", "vendors": ["elastic", "elastic$PRODUCT$apm_server"]}