CVE-2025-69875

High CVSS: 7.8

A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. This behavior can be abused by a local attacker to place files in high-privilege locations, potentially leading to privilege escalation.

Vendor

Quickheal

Product

Total Security

CWE

CWE-269

Yayın Tarihi

2026-02-03 18:16:17

Güncelleme

2026-02-11 16:06:40

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-269 Total Security HIGH Quickheal 2026

Referanslar

https://github.com/mertdas/QuickHealTotalSecurityPOC https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-59439/