CVE-2025-20094

High CVSS: 8.8

Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary code may be executed with SYSTEM privilege.

Vendor

Hummingheads

Product

Defense Platform

CWE

CWE-422

Yayın Tarihi

2025-02-06 08:15:29

Güncelleme

2026-02-04 20:24:17

Source Identifier

vultures@jpcert.or.jp

KEV Date Added

Kategoriler

CWE-422 Defense Platform HIGH Hummingheads 2025

Referanslar

https://jvn.jp/en/jp/JVN66673020/ https://www.hummingheads.co.jp/dep/storelist/

Benzer Kayıtlar

High

CVE-2025-22894

Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier…

High

CVE-2025-23236

Buffer overflow vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker performs…

Medium

CVE-2025-24483

NULL pointer dereference vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker…

Medium

CVE-2025-24845

Improper neutralization of argument delimiters in a command ('Argument Injection') issue exists in Defense Platform Home…

High

CVE-2025-22890

Execution with unnecessary privileges issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an atta…