A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 12 Aug 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 12 Aug 2025 07:45:00 +0000

Type Values Removed Values Added
Description A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access.
Title Improper File Permissions Allow Local Privilege Escalation
Weaknesses CWE-306
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published:

Updated: 2025-08-12T18:03:02.285Z

Reserved: 2025-04-16T11:17:48.309Z

Link: CVE-2025-41686

cve-icon Vulnrichment

Updated: 2025-08-12T18:02:42.501Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-08-12T08:15:26.400

Modified: 2025-08-12T14:25:33.177

Link: CVE-2025-41686

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.