CVE-2025-69784 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2.5.1.0 kernel driver to modify the DLL injection path used by th…
High CVSS: 8.8

CVE-2025-69784

A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2.5.1.0 kernel driver to modify the DLL injection path used by the product. By redirecting this path to a user-writable location, an attacker can cause OpenEDR to load an attacker-controlled DLL into high-privilege processes. This results in arbitrary code execution with SYSTEM privileges, leading to full compromise of the affected system.
Vendor
Xcitium
Product
Openedr
CWE
CWE-427
Yayın Tarihi
2026-03-16 16:16:13
Güncelleme
2026-03-20 13:51:52
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-427 Openedr HIGH Xcitium 2026

Referanslar

https://gist.github.com/ikerl/c3ec81f12ded44c2e0ae2dfdacb562ba https://github.com/ComodoSecurity/openedr https://github.com/ComodoSecurity/openedr/issues/49 https://scavengersecurity.com/posts/edr-as-rootkit-2/ https://www.openedr.com/