CVE-2025-4272

Sažetak

A vulnerability was found in Mechrevo Control Console 1.0.2.70. It has been rated as critical. Affected by this issue is some unknown functionality in the library C:\Program Files\OEM\MECHREVO Control Center\UniwillService\MyControlCenter\csCAPI.dll of the component GCUService. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.

Reference

https://drive.google.com/file/d/1VKhLyW0oglACkt-5PgTtN9oRB2jMczeh/view?usp=sharing
https://vuldb.com/?ctiid.307376
https://vuldb.com/?id.307376
https://vuldb.com/?submit.563468
https://www.yuque.com/ba1ma0-an29k/nnxoap/bhd5ckqugggmpttp?singleDoc

CVSS

Base:	6.0
Impact:	10.0
Exploitability:	1.5

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:H/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

05-05-2025 - 20:54

Objavljeno

05-05-2025 - 11:15