Security Advisory

CVE-2025-27237

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-03 11:28:43

Last updated 2026-02-26 17:48:21

Assigner Zabbix

State PUBLISHED

Description

In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL.

← Browse all CVEs View on cve.org ↗