CVE-2025-66264
The CMService.exe service runs with SYSTEM privileges and contains an unquoted service path. This allows a local attacker with write privileges to the filesystem to insert a malicious executable in the path, leading to privilege escalation.
Vendor
-
Product
-
CWE
Yayın Tarihi
2025-11-26 01:16:10
Güncelleme
2025-12-01 15:39:53
Source Identifier
b7efe717-a805-47cf-8e9a-921fca0ce0ce
KEV Date Added
-