Security Advisory

CVE-2025-2297

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-07-28 15:40:14

Last updated 2025-07-28 17:22:18

Assigner BT

State PUBLISHED

Description

Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to administrator.

← Browse all CVEs View on cve.org ↗