CVE-2025-1683

High CVSS: 7.8

Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior to 25.3, enables an attacker with local unprivileged access on a Windows system to delete arbitrary files on the device by exploiting symbolic links.

Vendor

Product

Platform

CWE

CWE-59

Yayın Tarihi

2025-03-12 16:15:20

Güncelleme

2026-01-30 16:36:55

Source Identifier

security@1e.com

KEV Date Added

Kategoriler

CWE-59 Platform HIGH 1e 2025

Referanslar

https://capec.mitre.org/data/definitions/27.html https://cwe.mitre.org/data/definitions/59.html https://nvd.nist.gov/vuln/detail/CVE-2025-1683 https://www.teamviewer.com/en/resources/trust-center/security-bulletins/1e-2025-2001/

Benzer Kayıtlar

High

CVE-2025-57210

Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows attackers to access sensitive…

High

CVE-2025-57212

Incorrect access control in the component ApiOrderService.java of platform v1.0.0 allows attackers to access sensitive i…

High

CVE-2025-57213

Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows attackers to access sensiti…

Medium

CVE-2025-10822

A vulnerability has been found in fuyang_lipengjun platform 1.0. The impacted element is the function SysSmsLogControlle…

Medium

CVE-2025-10821

A flaw has been found in fuyang_lipengjun platform 1.0. The affected element is the function TopicCategoryController of…

Medium

CVE-2025-10820

A vulnerability was detected in fuyang_lipengjun platform 1.0. Impacted is the function TopicController of the file /top…